Module 03 Vulnerability Management

¡Supera tus tareas y exámenes ahora con Quizwiz!

insecure object reference

A condition that occurs when an application externally exposes a reference to an internal object.

vulnerability scan

A frequent and ongoing process, often automated, to continuously identify vulnerabilities and monitor cybersecurity progress.

Which of the following do plug-ins NOT contain?

A listing of vulnerable local IP addresses

Callister is evaluating a software application that is not providing the correct output. He is able to determine that two concurrent threads of execution are accessing a shared resource simultaneously What has Callister uncovered?

A race condition

What is an SLA?

A service contract between a vendor and a client that specifies what services will be provided, the responsibilities of each party, and any guarantees of service

service level agreement (SLA)

A service contract between a vendor and a client that specifies what services will be provided, the responsibilities of each party, and any guarantees of service.

Default configurations

A setting predetermined by the vendor for usability and ease of use (and not security) so the user can immediately begin using the product.

race condition

A software condition in which two concurrent threads of execution access a shared resource simultaneously, resulting in unintended consequences.

non-credentialed scan

A vulnerability scan for which no valid authentication credentials are supplied to the vulnerability scanner.

credentialed scan

A vulnerability scan for which valid authentication credentials are supplied to the vulnerability scanner to mimic the work of a threat actor who possesses these credentials.

internal vulnerability scan

A vulnerability scan that is performed from the vantage point of inside the internal network.

external vulnerability scan

A vulnerability scan that is performed from the vantage point of outside the network.

server-based

A vulnerability scanner configuration in which a manager connects to a scanner engine that probes each system for information that is then gathered (pulled) back for analysis.

agent-based

A vulnerability scanner configuration in which software agents that reside on a system send (push) their information back to the manager.

true negative

Accurately failing to trigger an alarm when no vulnerability is detected.

true positive

Accurately triggering an alarm based on the detection of a vulnerability.

risk acceptance

Acknowledging that a risk exists but taking no further action.

Which of the following does NOT apply to a vulnerability scan?

Act like a threat actor to find vulnerabilities to exploit.

dereferences

An action that occurs when a program needs to access the value stored in memory by using the pointer to that memory location.

memorandum of understanding (MOU)

An agreement between two or more parties that demonstrates a "convergence of will" between the parties so that they can work together.

false positive

An alarm that is inaccurately raised when no vulnerability exists.

compensating control

An alternative action to address a vulnerability.

improper error handling

An error condition that can potentially provide an attacker with underlying access to the OS.

strcpy

An internal function of the programming language C that can be used to copy a string to a destination buffer without checking the length of the destination buffer into which the string is being copied.

vulnerability feeds

An ongoing stream of data related to potential or current threats.

configuration baseline

An updated foundation-level configuration that is then applied to all systems.

Gregson has just completed a vulnerability scan that has identified several vulnerabilities in software applications. To whom should Gregson send this report so that they can be quickly addressed?

Application developers

segmentation

Architecting a network so that parts can be cordoned off into isolated sections.

Which of the following options are technical constraints while running a vulnerability scan?

Availability of resources or assets Several target assets Licensing restrictions

mapping

Building a picture of an endpoint and network through enumeration.

When prioritizing vulnerabilities, what system will assign a numeric score to a vulnerability?

CVS

types of data

Categories of data to which labels are assigned based on their importance.

weak configurations

Configuration settings that are not properly implemented.

workflow

Daily or normal business processes.

Evgeni has been asked to perform a vulnerability scan. Which of the following steps would he perform first?

Determine data classifications.

asset criticality

Determining the asset on which data is located.

sensitive data exposure

Disclosing sensitive data to attackers.

enumeration

Extracting data on an asset to be used in a vulnerability scan.

True or False: A dynamic link library (DLL) is software that controls and operates an external hardware device that is connected to a computer.

False

True or False: Unlike a penetration test, a vulnerability scan is designed to identify deep vulnerabilities.

False

True or false: Saving files to provide an audit trail and review any remediations is not at all critical.

False

Which of the following is NOT a regulatory compliance law or regulation that requires a vulnerability scan?

Federal Education Rights and Privacy Act (FERPA)

regulatory requirements

Following specific actions mandated by an external regulatory body.

What is the older version of Nessus known as

GNessUs

business process interruption

Hindering the normal operations of a business.

An application has inadvertently externally exposed a reference to an internal object. What is this called?

Insecure object reference

Aegeus has been asked to create a report outlining the security risk of improper error handling. Which of the following would Aegeus include on his report?

It could potentially provide an attacker to the underlying OS.

priority systems

Key critical devices in an operational process.

technical constraints

Limitations based on technology.

Passive scanning

Listening for normal traffic to learn the needed information for a vulnerability scan.

Which of the following is NOT a network-based poor authentication practice?

Not using a password manager to generate, store, and autofill passwords

Which of the following is NOT an external software component that could be targeted in an attack?

ORP

legacy systems

Older systems with specialized software that cannot be easily replaced.

What does OpenVAS stand for

Open Vulnerability Assessment System

Which of the following options are common hurdles in vulnerability scanning activities?

Operational Schedules Business Process Interruption Correct Scoping Network Bandwidth Consumption

Which of the following is NOT a reason to conduct a vulnerability scan?

Perform an in-depth analysis of the vulnerabilities.

How can the impact of a vulnerability scan on workflow be mitigated?

Perform the scans at night.

Active scanning

Sending test traffic transmissions into the network to monitor the responses of the endpoints.

Which of the following is a type of vulnerability scanner that pulls information from the system?

Server based

Chiara is reviewing different types of vulnerability scanners, and she finds one type that uses pull technology. Which of the following types uses pull technology?

Server-Based

sensitivity level

The depth of a vulnerability scan.

insufficient monitoring and logging

The failure to analyze log files for meaningful insights.

false negative

The failure to raise an alarm when a vulnerability exists.

degrading functionality

The result of addressing a vulnerability that may change or even eliminate a function of an application for the sake of making it more secure.

Organizational governance

The system by which an organization makes and then implements decisions.

scope

The target devices to be analyzed in a vulnerability scan.

Which of the following steps define scope?

The type of scan that you can perform The assets that you can scan Time of the scan

Dimitri is studying the programming language C and wants to use the internal function strcpy. What is the problem associated with using this function?

This function does not check the length of the destination buffer into which the string is being copied.

Alexsanteri is holding a coding workshop for employees interested in advanced IT positions at his organization. The topic under discussion is dereferences. How would Alexsanteri define a dereference?

To dereference a pointer is to access the value stored in memory that the pointer is pointing to.

True or False: A dereference is to obtain from a pointer the address of a data item held in another location.

True

True or False: A race condition in software occurs when two concurrent threads of execution access a shared resource simultaneously, resulting in unintended consequences.

True

True or False: OpenVAS can be used in conjunction with other Kali tools.

True

True or False: There are five types of vulnerability scans over assets: network, endpoint, wireless network, database, and applications.

True

True or false: It is critical to define the scope of a vulnerability scan.

True

True or false: Nessus is a useful tool when preventing attacks as it identifies vunlerabilities that a hacker may use to penetrate your network.

True

Which of the following is NOT a weak configuration that can result in vulnerabilities?

Using current configurations instead of deprecated settings.

broken authentication

Vulnerabilities introduced by poor authentication practices that can open a broad pathway for a threat actor to exploit.

In comparison to Nessus, OpenVAS can be used:

without a user having knowledge on which vulnerabilities to look for specifically


Conjuntos de estudio relacionados

PSY 330 Chapter 9, STUDY NOTES SOCIAL PSYCH FINAL

View Set

Taxation of Life Insurance and Annuities - Premiums and Proceeds (chapter 10)

View Set

Chapter 52: Nursing Management: Patients With Dermatologic Problems

View Set

PSYCH chapter 14 (question samples)

View Set

Vancomycin-Resistant Enterococci (VRE)

View Set

IS 310 Chapter 4-1 (CPU Operation)

View Set