Test Your Knowledge Questions Course 5, Module 3


Consider the following scenario: A cloud service provider has misconfigured a cloud drive. They've forgotten to change the default sharing permissions. This allows all of their customers to access any data that is stored on the drive. This misconfigured cloud drive is an example of what?

A vulnerability

Fill in the blank: A vulnerability ____ refers to the internal review process of an organization's security systems.

A vulnerability assessment is an internal review process of an organization's security systems.

An organization is attacked through a vulnerability that was previously unknown. What is this exploit an example of?

A zero-day: an exploit of a vulnerability that was previously unknown to the vendor and to defenders, so no patch or signature exists for it yet.

What is the difference between an attack vector and an attack surface?

Attack vectors are the pathways threat actors use to penetrate security defenses. Attack surfaces are all the potential vulnerabilities that a threat actor could exploit.

What are two types of vulnerability scans?

Authenticated versus unauthenticated scans, and limited versus comprehensive scans, are two common ways of classifying vulnerability scans. Internal versus external scans is a third common classification.

A security team is preparing new workstations that will be installed in an office. Which vulnerability management steps should they take to prepare these workstations?

Configure the company firewall to allow network access. Consider who will be using each computer. Download the latest patches and updates for each system.

Which steps are applied when using an attacker mindset?

Identifying a target, determining how they can be accessed, and evaluating their attack vectors are steps that are applied when using an attacker mindset.

An organization's firewall is configured to allow traffic only from authorized IP addresses. Which layer of the defense in depth model is the firewall associated with?

Network
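As an added illustration of the network-layer control in this question (not part of the original study set or course material), here is an nftables ruleset that drops everything by default and admits new inbound connections only from an allowlist of authorized source addresses. The addresses are RFC 5737 documentation ranges chosen for the example; the table and set names are arbitrary.

```nft
# Example ruleset (added here, not from the original page): default-deny inbound,
# with new connections accepted only from an explicit allowlist.
table inet filter {
    set authorized_sources {
        type ipv4_addr
        flags interval
        # Constructed example addresses (RFC 5737 documentation ranges).
        elements = { 203.0.113.0/24, 198.51.100.10 }
    }

    chain input {
        # Everything not explicitly accepted below is dropped.
        type filter hook input priority 0; policy drop;

        # Keep replies to connections this host initiated, and loopback traffic.
        ct state established,related accept
        ct state invalid drop
        iif "lo" accept

        # New inbound connections are accepted only from the allowlist.
        ip saddr @authorized_sources ct state new accept

        # Optional: log what gets dropped so the SOC can see probing.
        limit rate 5/minute log prefix "nft-drop: "
    }
}
```

Load it with `nft -f <file>` and inspect the live ruleset with `nft list ruleset`. The practical check is to connect from an address outside the set and confirm the attempt times out rather than being refused, and to confirm from an address inside the set that service still works; changing the allowlist means editing the set, not the chain.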

What security strategy uses a layered approach to prevent attackers from gaining access to sensitive data?

Defense in depth

What phase comes after identifying a target when practicing an attacker mindset?

Determine how the target can be accessed.

What are examples of security hardening?

Disabling unused network ports, hashing all user passwords, and keeping systems patched and updated are examples of security hardening.

What are the goals of a vulnerability assessment?

The goals of a vulnerability assessment are to identify existing weaknesses and reduce overall threat exposure.

A project manager at a utility company receives a suspicious email that contains a file attachment. They open the attachment and it installs malicious software on their laptop. What are the attack vectors used in this situation?

The suspicious email and the file attachment.

What is the main goal of performing a vulnerability assessment?

To identify weaknesses and prevent attacks

What are the two types of attack surfaces that security professionals defend?

Physical and digital.

How can businesses reduce the number of attack vectors they must defend?

Businesses can reduce the number of attack vectors they have by controlling access and authorization to assets, implementing security controls that protect information, and educating users so they can help prevent attacks.

A security researcher reports a new vulnerability to the CVE® list. Which of the following criteria must the vulnerability meet before it receives a CVE® ID?

The vulnerability must be independently fixable (separate from other issues) and must be submitted with supporting evidence.

Consider the following scenario: You are working as a security professional for a school district. An application developer with the school district created an app that connects students to educational resources. You've been assigned to evaluate the security of the app. Using an attacker mindset, which of the following steps would you take to evaluate the application?

Evaluate how the app handles user data. Identify the types of users who will interact with the app.

Which of the following remediation examples might be implemented after a vulnerability scan?

Examples of remediations that might be performed after a vulnerability scan include training employees on new procedures and installing software updates and patches.

Which layer of the defense in depth strategy is a user authentication layer that mainly filters external access?

The perimeter layer consists of authentication technologies that let verified users in.

Which of the following are steps in the vulnerability management process?

Vulnerability management is an internal process that includes identifying vulnerabilities and preparing defenses against threats.
