Vulnerability Management

Question 1

Threat Intelligence

Answer 1

The continual process used to understand the threats faced by an organization.

Question 2

Threat Intelligence Feed

Answer 2

The continuous stream of data related to potential or current threats to an organization’s security.

Question 3

Open Source Intelligence (OSINT)

Answer 3

Intelligence that is gained from publicly available sources.

Question 4

Responsible Disclosure

Answer 4

Term used to describe the ethical practice where security resources disclose information about vulnerabilities.

Question 5

Common Vulnerability and Exposures (CSE)

Answer 5

System that provides a standardized way to uniquely identify and reference known vulnerabilities in software/hardware.

Question 6

NESSUS

Answer 6

A vulnerability tool tester.

Question 7

OpenVAS

Answer 7

A vulnerability tool tester.

Question 8

Vulnerability Response and Remediation

Answer 8

The strategies that identify, access, and address vulnerabilities in a system or network to strengthen an organization’s security posture.

Question 9

Voluntary Reporting

Answer 9

The process of documenting and communicating details about security weaknesses identified in software systems to the individuals or organizations responsible for addressing the issues.

Question 10

Vulnerability Reporting Types

Answer 10

Internal, External.