Security+ Chapter 5 Review Questions
Question | Answer |
---|---|
Name five factors that influence how often an organization decides to conduct vulnerability scans against its systems. | Risk appetite, regulatory requirements, technical constraints, business constraints, and licensing limitations |
Give some examples of controls that might affect scan results. | Firewall settings, network segmentation, intrusion detection systems (IDS), and intrusion prevention systems (IPS) |
Name all three techniques used by application testing. | Static testing, dynamic testing, and interactive testing |
What information does the output section provide on the report? | The output section of the report shows the detailed information returned by the remote system when probed for the vulnerability. |
What information does the port/hosts section provide on the report? | The port/hosts section provides details on the server(s) that contain the vulnerability as well as the specific services on that server that have the vulnerability. |
List all eight CVSS metrics. | Attack vector metric, attack complexity metric, privileges required metric, user interaction metric, confidentiality metric, integrity metric, availability metric, and scope metric |
Please interpret the following CVSS vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | • Attack Vector: Network (score: 0.85) • Attack Complexity: Low (score: 0.77) • Privileges Required: None (score: 0.85) • User Interaction: None (score: 0.85) • Scope: Unchanged • Confidentiality: High (score: 0.56) • Integrity: None • Availability: None |
What is the function to calculate the impact sub-score? | ISS = 1 − [(1 − Confidentiality) × (1 − Integrity) × (1 − Availability)] |
How do you calculate the impact score for a vulnerability under CVSS? | Impact score = the value of the scope metric × ISS |
How do you calculate the exploitability score for a vulnerability under CVSS? | Exploitability = 8.22 × AttackVector × AttackComplexity × PrivilegesRequired × UserInteraction |
Explain true positive, false positive, true negative, and false negative | When a vulnerability scanner reports a vulnerability, this is known as a positive report. When a scanner reports that a vulnerability is not present, this is a negative report. |
Give three valuable information sources for reconciling scan results. | • Log reviews from servers, applications, and network devices • Security information and event management (SIEM) systems that correlate log entries from multiple sources and provide actionable intelligence • Configuration management systems |
Give some examples of weak configurations. | • The use of default settings that pose a security risk • The presence of unsecured accounts • Open ports and services • Open permissions that grant users access in violation of the principle of least privilege |
Name two choices you need to make when you implement encryption. | • The algorithm to use to perform encryption and decryption • The encryption key to use with that algorithm |
What are the benefits of penetration testing? | 1. Penetration testing provides us with knowledge that we can't obtain elsewhere. 2. In the event that attackers are successful, penetration testing provides us with an important blueprint for remediation. |
What are three typical classifications that are used to describe penetration test types? | White box, black box, gray box |
Identify four key phases of a penetration test. | Initial access, privilege escalation, pivoting (lateral movement), and persistence |
Name the three teams that participate in a cybersecurity exercise. | Red team, blue team, and white team |