Advanced Cyber: Ch 13: Vulnerability Assessment & Data Security

Ace your homework & exams now with Quizwiz!

risk associated with use of private data

1)Individual inconveniences & identity theft 2) Associations with groups 3) statistical inferences

Netcat

A command-line alternative to Nmap with additional features scanning for vulnerabilities.

vulnerability appraisal

A current snapshot of the security of an organization.

vulnerability scanner

A generic term that refers to products that look for vulnerabilities in networks or systems.

honeynet

A network set up with intentional vulnerabilities. Its purpose is to invite attacks so that the attacker's methods can be studied.

Nmap

A network utility designed to scan a network and create a map. Frequently used as a vulnerability scanner. Nmap is a GUI utility.

Active Reconnaissance

A penetration testing method used to collect information. It sends data to systems and analyzes responses to gain information on the target.

password cracker

A program that uses the file of hashed passwords and then attempts to break the hashed passwords offline.

intrusive vulnerability scan

A scan that attempts to penetrate the system in order to perform a simulated attack.

non-credentialed vulnerability scan

A scan that does not use credentials (username and password) to conduct an internal vulnerability assessment.

credentialed vulnerability scan

A scan that provides credentials (username and password) to the scanner so that tests for additional internal vulnerabilities can be performed.

non-intrusive vulnerability scan

A scan that uses only available information to hypothesize the status of the vulnerability.

exploitation framework

A structure of exploits and monitoring tools used to replicate attacks during a vulnerability assessment.

Vulnerability assessment

A systematic and methodical evaluation of the exposure of assets to attackers, forces of nature, or any other entity that is a potential harm.

Gray box

A test where some limited information has been provided to the tester.

Passively testing security controls

A vulnerability scan that does not attempt to exploit any weaknesses that it finds but only reports back what it uncovers.

identify common misconfigurations

A vulnerability scan that looks for misapplied settings in hardware and software.

Identify lack of security controls

A vulnerability scan that looks for missing controls to establish a secure framework.

Identify Vulnerabilities

A vulnerability scan that looks to identify security weaknesses in a system.

passive scanner

A vulnerability scanner that can identify the current software operating systems and applications being used on the network, and indicate which devices might have a vulnerability. Can't take action to resolve security problems.

active scanner

A vulnerability scanner that sends "probes" to network devices and examine the responses received back to evaluate whether a specific device needs remediation. Can be used to simulate a network attack. Some can take to resolve specific security issues.

closed port

A(n) ____ indicates that no process is listening at this port.

open port

A(n) ____ means that the application or service assigned to that port is listening for any instructions.

penetration testing (pentest)

An authorized, network hacking process that will identify real world weaknesses in network security and document the findings.

vulnerability scan

An automated software search through a system for any known security weaknesses that then creates a report of those potential exposures.

Passive Reconnaissance

An information gathering technique in penetration testing where the pentester uses tools and techniques that make detection of activity difficult. The information is gathered without the target's knowledge and usually consists of open, available, and legal-to-acquire sources.

data sensitivity labeling

Applying the correct category to data to ensure proper data handling.

Open-Source Intelligence (OSINT)

Before carrying out an attack, a threat actor will typically gather open-source intelligence (OSINT) about their target. OSINT is information that is readily available to the public and doesn't require any type of malicious activity to obtain. Used in black & gray box testing.

risk assessment

Determining the damage that would result from an attack and the likelihood that the vulnerability is a risk to the organization.

legal and compliance issues

Following the requirements of legislation, prescribed rules and regulations, specified standards, or the terms of a contract.

Banner Grabbing

Gathering information from messages that a service transmits when another program connects to it.

wireless cracker

Hardware or software that tests the security of a wireless LAN system by attempting to break its protections of Wi-Fi Protected Access (WPA) or Wi-Fi Protected Access 2 (WPA2).

Data Retention

How long data must be kept and how it is to be secured.

threat evaluation

Identify what the pressures are against the company. Not limited to attackers, can include natural disasters, human error, hardware failures, etc.

Examples of vulnerability assessment tools

Include but are not limited to port scanners, protocol analyzers, vulnerability scanners, honeypots and honeynets, banner grabbing tools, crackers, and command line tools

Command Line Tools

Nslookup/dig, ARP, Ipconfig/Ifconfig, tcpdump ,nmap, netcat

wiping

Overwriting disk space with zeros or random data.

protocol analyzers

Protocol analyzers can be hardware- or software-based. Their primary function is to analyze network protocols such as TCP, UDP, HTTP, FTP, and more.

risk mitigation

Reducing the impact of a risk event by reducing the probability of its occurrence

Degaussing

The process of removing or rearranging the magnetic field of a disk in order to render the data unrecoverable

data sanitation tools

Tools that can be employed to securely remove data from electronic media.

port scanners

Tools used both by attackers and defenders to identify or fingerprint active computers on a network, the active ports and services on those computers, the functions and roles of the machines, and other useful information.

initial exploitation

Using information acquired to determine if it provides entry to the secure network.

honeypot

Vulnerable computer that is set up to entice an intruder to break into it. Intended to trick attackers into revealing their attack techniques

pulping

breaking paper media back into wood cellulose fibers after the ink is removed

persistence

endurance or "doggedness"/determination to continue to probe for weaknesses and exploit them

pulverizing

hammering paper records into dust

pivot

once inside the network, the tester attempts to move around inside the network to other resources. The pentester's goal is privilege escalation.

Asset identification

process of inventorying any item that has a positive economic value. (can include people, physical assets such as buildings, and IT assets - employee databases, inventory records, hardware, software, etc.)

hardening

purpose of hardening is to eliminate as many security risks as possible; hardening techniques include: protecting accounts with passwords; disabling unnecessary accounts; disabling unnecessary services; protecting management interfaces and applications

blocked port

the host system does not reply to any inquiries to this port number

privacy

the state or condition of being free from being observed or disturbed by other people.

Whitebox testing

the tester has an in-depth knowledge of the network and systems being testing, including network diagrams, IP addresses, and source code of custom applications.

Black Box Testing

the tester has no prior knowledge of the network infrastructure being tested

steganography assessment tools

tools that can be used to determine if the data is hidden well enough to thwart unauthorized users from finding the data

purging

using the operating system "delete" key to remove data files on electronic media... not an effective way to destroy data


Related study sets

Medical Ethics Final Chapters 1-13

View Set

Potter & Perry Ch 32 - Medication Administration (Practice Questions)

View Set

Econ 101 Chapter 6 Supply Demand and Government Policies

View Set

AP World Unit 2 Practice Questions

View Set

Chapter 20: Blood Vessels and Circulation

View Set

Slave Narrative-Honors English (Enderby/Hilty)

View Set