Vulnerability Remediation 4.3 Flashcards
1
Q
Patching
A
- Most common mitigation technique
- Vulnerabilities are known and require a security patch to be installed
- Ongoing process
2
Q
Schedule of Patches
A
- Provided on a standard weekly or monthly schedule
3
Q
Unscheduled Patch
A
- Addresses Zero-Day vulnerabilities
4
Q
Cybersecurity Insurance Coverage
A
- A policy that executes after an attack occurs
- Risks are transferred to a third party that manages specific types of risk for multiple parties.
5
Q
Coverage of Cybersecurity Insurance
A
- Lost revenue
- Data recovery
- Money lost to phishing
- Privacy lawsuit costs
6
Q
What is Not Covered by Cybersecurity Policy
A
- Intentional acts, funds transferred, ransomware, etc.
7
Q
Segmentation
A
- Limits the scope of an exploit / attack
- Separates devices onto their own network or VLANs
- Prevents an attacker from gaining access to additional parts of the system
8
Q
Considerations for Segmentation
A
- Difficult to patch, as it may cause other problems or not install properly onto a service.
- System must be moved to an air gap system
9
Q
Internal Next Generation Firewalls (NGFW)
A
- Monitors the traffic between two segmented systems
- Able to identify the application allowing for the systems to communicate.
- Blocks unwanted/unnecessary traffic between VLANs.
- Identifies malicious traffic on the inside.
10
Q
Physical Segmentation
A
- Physical separation of systems
- Air gap
11
Q
Logical Segmentation
A
- Accomplished through VLANs
- Allows interfaces to be assigned to different systems
- Cannot communicate between VLANs without a layer 3 device or router
12
Q
Compensating for Inability to Patch
A
- Disable the problematic system.
- Revoke access to the application
- Limit external access
- Modify internal security controls and software firewalls
13
Q
Change Control Board (CCB)
A
- A body that oversees the change management process
- Enables management to oversee and coordinate projects
14
Q
When Patches Cannot Be Performed
A
- The CCB must determine exceptions and exemptions for not performing a patch
15
Q
Validation of Remediation
A
- Determining if a recently installed patch has stopped the exploit or patched all vulnerabilities.