Vulnerability Sample Questions Flashcards
What part of the cyber kill chain corresponds to vulnerability scanning?
Reconnaissance
Vulnerability scanning is typically part of the reconnaissance phase, where attackers gather information about potential vulnerabilities.
What is an example of sandboxing?
Running untested code in a virtual environment
Sandboxing isolates the code execution to prevent any potential harm to the host system.
What are the benefits of full-drive encryption?
- Protects data at rest
- Prevents unauthorized access
- Ensures compliance with data protection regulations
Full-drive encryption secures all data on a drive, making it unreadable without the correct decryption key.
What are the drawbacks of full-drive encryption?
- Potential performance impact
- Recovery challenges if encryption key is lost
- Complexity in management
Full-drive encryption can slow down system performance and complicate recovery processes in case of lost keys.
What does a stateful firewall do that a traditional packet filtering firewall does not?
Tracks the state of active connections
Stateful firewalls maintain context about active sessions, allowing for more advanced filtering based on connection states.
What does an application-level firewall (or next gen firewall) do that a traditional packet filtering firewall does not?
Inspects application data and behavior
Application-level firewalls can analyze specific application protocols and detect more sophisticated threats than basic packet filtering.
