Vulnerability Remediation 4.3 Flashcards

1
Q

Patching

A
  • Most common mitigation technique
  • Vulnerabilities are known and require a security patch to be installed
  • Ongoing process
2
Q

Schedule of Patches

A
  • Provided on a standard weekly or monthly schedule
3
Q

Unscheduled Patch

A
  • Addresses Zero-Day vulnerabilities
4
Q

Cybersecurity Insurance Coverage

A
  • A policy that executes after an attack occurs
  • Risks are transferred to a third party that manages specific types of risk for multiple parties.
5
Q

Coverage of Cybersecurity Insurance

A
  • Lost revenue
  • Data recovery
  • Money lost to phishing
  • Privacy lawsuit costs
6
Q

What is Not Covered by Cybersecurity Policy

A
  • Intentional acts, funds transferred, ransomware, etc.
7
Q

Segmentation

A
  • Limits the scope of an exploit / attack
  • Separates devices onto their own network or VLANs
  • Prevents an attacker from gaining access to additional parts of the system
8
Q

Considerations for Segmentation

A
  • Difficult to patch, as it may cause other problems or not install properly onto a service.
  • System must be moved to an air-gapped system
9
Q

Internal Next Generation Firewalls (NGFW)

A
  • Monitors the traffic between two segmented systems
  • Able to identify the application allowing for the systems to communicate.
  • Blocks unwanted/unnecessary traffic between VLANs.
  • Identifies malicious traffic on the inside.
10
Q

Physical Segmentation

A
  • Physical separation of systems
  • Air gap
11
Q

Logical Segmentation

A
  • Accomplished through VLANs
  • Allows the assigning of interfaces to different systems
  • Cannot communicate between VLANs without a layer 3 device or router
12
Q

Compensating for Inability to Patch

A
  • Disable the problematic system.
  • Revoke access to the application
  • Limit external access
  • Modify internal security controls and software firewalls
13
Q

Change Control Board (CCB)

A
  • A body that oversees the change management process
  • Enables management to oversee and coordinate projects
14
Q

When Patches Cannot Be Performed

A

The CCB must determine exceptions and exemptions for not performing a patch

15
Q

Validation of Remediation

A
  • Determining whether a recently installed patch has stopped the exploit or patched all vulnerabilities.
16
Q

Validation of Remediation Method - Rescanning

A
  • Perform an extensive vulnerability scan
  • Confirms the patch has been installed and checks for additional vulnerabilities.
17
Q

Validation of Remediation Method - Validation

A
  • Check remediated systems to ensure the patch was successfully deployed
18
Q

Validation of Remediation Method - Verification

A
  • Manually confirm the security of the system
  • May require someone to manually log in to the system and test the patch
19
Q

Reporting

A
  • Provides ongoing checks, which are required when there are over a thousand systems to monitor.
  • Difficult or impossible to manage without automation.
20
Q

Continuous Reporting Findings

A
  • Number of identifiable vulnerabilities
  • Systems patched vs unpatched
  • New threat notifications
  • Notifies of errors, exceptions, and exemptions