Vulnerability Assessment

Question 1

CVSS assessment consists of three metrics for measuring vulnerabilities

Answer 1

Base metrics: It represents the inherent qualities of a vulnerability.
Temporal metrics: It represents the features that keep on changing during the lifetime of a vulnerability.
Environmental metrics: It represents the vulnerabilities that are based on a particular environment or implementation.

Question 2

This part of the report provides information such as the name of the scanning tool, its version, and the network ports that have to be scanned

Answer 2

Scan information

Question 3

This part of the report contains information about the target system’s name and address

Answer 3

Target information

Question 4

This section provides a complete scanning report. It contains subtopics such as target, services, vulnerability, classification, and assessment

Answer 4

Results

Question 5

This subtopic includes each host’s detailed information

Answer 5

Target

Question 6

The subtopic defines the network services by their names and ports.

Answer 6

Services

Question 7

This subtopic allows the system administrator to obtain additional information about the scanning such as origin of the scan

Answer 7

Classification

Question 8

This class provides information regarding the scanner’s assessment of the vulnerability

Answer 8

Assessment