Vulnerability Management Flashcards
Vulnerability Assessment Methodology
- Define the desired state of security
- Create a baseline
- Prioritize the vulnerabilities
- Mitigate vulnerabilities
- Monitor the network and systems
Penetration Testing Methodology
Penetration tests look at a network’s vulnerabilities from the outside
Metasploit and CANVAS are commonly used
1) Get permission and document info
2) Conduct reconnaissance
3) Enumerate the targets
4) Exploit the targets
5) Document the results
Penetration Testing: Pivot & Persistence
Pivot:
Occurs when an attacker moves onto another workstation or user account
Persistence:
Ability of an attacker to maintain a foothold inside the compromised network
TTX
Tabletop Exercise:
Exercise that uses an incident scenario against a framework of controls or a red team
A tabletop exercise is a discussion of simulated emergency situations and security incidents
Pentest Teams
Red Team
The hostile or attacking team in a penetration test or incident response exercise
Blue Team
The defensive team in a penetration test or incident response exercise
White Team
Staff administering, evaluating, and supervising a penetration test or incident response exercise
Purple Team
Defense and offense work together
OVAL
Open Vulnerability & Assessment Language:
A standard designed to regulate the transfer of secure public information across networks and the Internet utilizing any security tools and services available
OVAL consists of a language and an interpreter
A shared standard & language for various tools to share vulnerability info
Language is an XML schema
OVAL Interpreter
A reference developed to ensure the information passed around by these programs complies with the OVAL schemas and definitions used by the OVAL language
Network Mapping
Discovery and documentation of physical and logical connectivity that exists in the network
Commercial and free network mapping software is available
Vulnerability Scanning: Banner Grabbing
A technique used to gain information about servers and inventory the systems or services
Nessus and QualysGuard are commercial vulnerability scanners
Network Sniffing
The process of finding and investigating other computers on the network by analyzing network traffic or capturing the packets being sent
Network sniffers, packet sniffers, and protocol analyzers can all perform packet capture
Protocol Analyzer
Software tool that allows for the capture, reassembly, and analysis of packets from the network
Cryptanalysis Attack
Comparing a precomputed encrypted password to a value in a lookup table
Rainbow Table
List of precomputed values used to more quickly break a password since values don’t have to be calculated for each password being guessed
Rubber Hose Attack
Attempt to crack a password by threatening or causing a person physical harm in order to make them tell you the password