CompTIA Security+
SYO-701-CH-16
| Question | Answer |
|---|---|
| A __ scan operates with restricted privileges and can only identify vulnerabilities that are visible from the network. | non-credentialed |
| A __ scan is a more powerful version of a vulnerability scan: it runs with elevated privileges (valid account credentials on the target) and can inspect information from both native and third-party software. | credentialed |
| Type of scan that reveals outdated software, misconfigurations, known security flaws, and missing patches. | Vulnerability scan |
| ___ categorizes vulnerabilities based on severity and helps organizations prioritize which issues to address first. | Common Vulnerability Scoring System (CVSS) |
| A widely used network-based vulnerability scanner that provides a versatile platform for conducting both credentialed and non-credentialed scans. | Nessus |
| A framework that enables compatible vulnerability scanners to see whether a computer adheres to a predefined configuration baseline. | Security Content Automation Protocol (SCAP) |
| An XML-based schema designed to describe the security state of a system and query information related to vulnerabilities. | Open Vulnerability and Assessment Language (OVAL) |
| An XML schema used to create and audit best-practice configuration checklists and rules in a machine-readable format. | Extensible Configuration Checklist Description Format (XCCDF) |
| Application scanners are crucial for identifying vulnerabilities such as ___ within applications. | SQL injection, Cross-Site Scripting (XSS), and authentication flaws |
| __ scanners simulate real-world attacks by sending crafted requests and observing how an application responds, helping secure web-based software. | Web application |
| __ is a database of publicly disclosed cybersecurity vulnerabilities and exposures that is maintained by the MITRE Corporation, helping organizations manage the security of their systems against known vulnerabilities. | Common Vulnerabilities and Exposures (CVE) list |
| CVE-2023-5752 means | The CVE ID was assigned (or the vulnerability published) in 2023, with sequence number 5752. The sequence number is an identifier, not a count of vulnerabilities found that year. |
| __ are curated streams of real-time information that provide insights into current and emerging cyber threats. | Threat feeds |
| A US government agency (part of the Department of Homeland Security) that provides threat feeds with information on threats that may have national or global significance. | Cybersecurity and Infrastructure Security Agency (CISA) |
| ___ feeds gather data from public sources, including forums, social media, and dark web monitoring | Open Source Intelligence (OSINT) |
| A non-profit organization that improves web security by offering free articles, methodologies, documentation, tools, and technologies in the fields of IoT, system software and web application security | Open Web Application Security Project (OWASP) |
| ___ refers to the collection and analysis of free and publicly available threat intelligence information donated by multiple cybersecurity organizations and individuals. | Open Source Intelligence (OSINT) |
| OSINT provides sources of threat intelligence such as? | Websites and forums, news and media, government reports, and blogs and research papers |
| A standardized language developed by MITRE for representing threat information in a structured format (JSON in STIX 2.x), so that threats, vulnerabilities, and incidents can be packaged and shared between organizations and vendors. | Structured Threat Information Expression (STIX) |
| Companion protocol to STIX that enables the automated exchange of cyber threat intelligence. | Trusted Automated Exchange of Intelligence Information (TAXII) |
| TAXII works with ___, using this format to distribute Cyber Threat Intelligence (CTI) over HTTPS. | STIX |
| A search engine for IoT and connected devices that scans the internet and indexes information about internet-connected devices and the services they expose. | SHODAN |
| ___ are collaborative platforms on which cybersecurity practitioners, experts, government agencies, and private-sector entities converge, facilitating the exchange of threat intelligence, insights, and best practices. | Information-Sharing Organizations (ISOs) |
| Artifacts left behind by attackers that can be used to detect an intrusion, such as malicious IP addresses, malware signatures (file hashes), and suspicious URLs or domains. | Indicators of Compromise (IOCs) |
| The __ framework provides information on adversaries, their tactics and techniques, and common threats. | MITRE ATT&CK |
| ISO involving an alliance of cybersecurity organizations and companies that share threat intelligence and defend against cyber threats | Cyber Threat Alliance (CTA) |
| A program led by the US government, enabling sharing cyber threat indicators and defensive measures, allowing members to share and receive threat info to strengthen security | Automated Indicator Sharing (AIS) |
| Global organization merging incident response and security teams from various industries and regions, facilitating collaboration and info sharing to improve incident response practices | Forum of Incident Response and Security Teams (FIRST) |
| Sector-specific organizations prioritizing threat intelligence within specific industries or critical infrastructure sectors, such as the Financial Services, Healthcare and Public Health, and Electricity Information Sharing and Analysis Centers | Information Sharing and Analysis Centers (ISACs) |
| Focused on State, Local, Tribal, and Territorial government entities in the US, providing info, analysis, and resources to help strengthen cybersecurity defenses | Multi-State Information Sharing and Analysis Center (MS-ISAC) |
| Type of program that invites ethical hackers to discover and report vulnerabilities rather than exploit them maliciously. | Responsible disclosure program (often run as a bug bounty program, which pays a reward for each valid report) |
| True or false: in a bug bounty program the tester is typically given no internal information that could compromise the organization's systems, and the program is usually cheaper than engaging a penetration tester because rewards are paid only for valid findings. | True |
| Benefits of compliance audits | Uncover redundancies and inefficiencies, verify compliance and avoid legal consequences, and improve product and service quality |
| Empowers organizations to identify, assess, and prioritize vulnerabilities in a constantly changing threat landscape. | Vulnerability analysis |
| The process of categorizing vulnerabilities based on their potential impact and the severity of the risk they pose; it relies on CVE identifiers and CVSS scores. | Prioritization |
| ___, a not-for-profit organization, takes the lead in managing and curating the CVE list | MITRE |
| Vulnerability scanners rely on the ___ to cross-reference vulnerabilities in an organization’s systems. | CVE list |
| The vulnerability scanner may use the __ to determine the score (severity) of a vulnerability. | CVSS |
| A standardized system for assessing the severity of vulnerabilities according to factors such as impact, exploitability, and ease of remediation. | CVSS |
| CVSS score 9.0 - 10.0 | Critical |
| CVSS score 7.0 - 8.9 | High |
| CVSS score 4.0 - 6.9 | Medium |
| CVSS score 0.1 - 3.9 (a score of 0.0 is rated None) | Low |
| Vulnerabilities can be classified based on their ___ or ___ | Source, impact |
| Helps organizations gauge the potential impact of a vulnerability if exploited, and quantifies the loss an organization may experience due to a successful attack | Exposure factor |
| Influence the severity and urgency of addressing vulnerabilities, such as organization specific infrastructure, industry and regulatory environment | Environmental variables |
| ___ gauges how vulnerabilities might affect an organization, encompassing financial loss, reputational damage, operational disruption, or regulatory penalties. | Vulnerability analysis |
| ___ is about how much risk an organization or person can bear or tolerate. | Risk tolerance |
| Involves regularly updating software, apps, and systems to address known vulnerabilities | Patching |
| Serves as a financial safety net, providing coverage for potential losses resulting from cyber incidents | Cybersecurity Insurance |
| Re-scanning facilitates | validation of effectiveness and compliance, and identifies new issues |
| An examination of the entire remediation process, including the steps taken to address vulnerabilities, and are often conducted internally or by third-party assessors | Audit |
| ___, in the context of validation of remediation, involves ongoing monitoring and assurance that vulnerabilities remain mitigated over time. | Verification |
| ___ monitoring monitors for new vulnerabilities or changes that may reintroduce risks | Continuous |
| ___ assessments help ensure that vulnerabilities don't resurface and that remediation remains effective | Periodic assessments |
| Involves taking the appropriate actions to re-remediate and maintain the security posture | Adaptive responses |
| A summary of the current vulnerability landscape, including the total number of vulnerabilities, their severity distribution, and trends over time. | Vulnerability overview |
| Relate detailed information on the varying levels of severity for identified vulnerabilities, and those of the highest priority that require immediate attention should be highlighted. | CVSS scores |
| An update on the status of remediation efforts, including the number of vulnerabilities addressed and those still pending. | Remediation progress |
| A report section containing metrics that show how vulnerability management activities have reduced cybersecurity risk. | Risk reduction |
| ___ is the ideal source for tracking and documenting an adversary's tactics, techniques, and procedures (TTPs). | MITRE ATT&CK |
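What the STIX, TAXII, and IOC cards describe, as an added example that is not part of the deck: a hand-rolled subset of STIX 2.1 (indicator objects wrapped in a bundle, which is the unit a TAXII server delivers over HTTPS), and a matcher that applies the bundle's IOCs to log lines. The bundle contents, IOC values, and log lines are constructed; real deployments use the `stix2` library and fetch bundles from a TAXII collection rather than building them by hand, and the simple pattern extractor here deliberately skips anything beyond a single equality comparison.

```python
import json
import re
from datetime import datetime, timezone
from uuid import uuid4

# Added example, not from the flashcard deck: minimal STIX 2.1 indicators in a
# bundle, plus a matcher that runs the IOCs over constructed log lines.

def _timestamp():
    # STIX 2.1 timestamps are RFC 3339 in UTC with a trailing 'Z'.
    return datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%S.000Z")

def make_indicator(name, pattern):
    """Build a STIX 2.1 Indicator SDO with all required properties set."""
    ts = _timestamp()
    return {
        "type": "indicator",
        "spec_version": "2.1",
        "id": f"indicator--{uuid4()}",
        "created": ts,
        "modified": ts,
        "name": name,
        "indicator_types": ["malicious-activity"],
        "pattern": pattern,
        "pattern_type": "stix",
        "valid_from": ts,
    }

def make_bundle(objects):
    """Wrap STIX objects in a bundle, the unit TAXII serves to consumers."""
    return {"type": "bundle", "id": f"bundle--{uuid4()}", "objects": list(objects)}

def to_json(bundle):
    return json.dumps(bundle, indent=2)

# Only single equality comparisons are handled, e.g.
#   [ipv4-addr:value = '198.51.100.7']   or   [file:hashes.'SHA-256' = '...']
# Boolean combinations (AND/OR), MATCHES and observation operators are skipped.
_SIMPLE_PATTERN = re.compile(
    r"\[\s*([\w-]+):((?:\w+|'[^']*')(?:\.(?:\w+|'[^']*'))*)\s*=\s*'([^']*)'\s*\]"
)

def extract_iocs(bundle):
    """Return (object_path, value, indicator_id) for each simple indicator."""
    iocs = []
    for obj in bundle["objects"]:
        if obj.get("type") != "indicator" or obj.get("pattern_type") != "stix":
            continue
        m = _SIMPLE_PATTERN.fullmatch(obj["pattern"].strip())
        if m:
            iocs.append((f"{m.group(1)}:{m.group(2)}", m.group(3), obj["id"]))
    return iocs

def match_logs(bundle, log_lines):
    """Return (line_no, ioc_value, indicator_id) for every log line that
    contains one of the bundle's IOC values (plain substring match)."""
    iocs = extract_iocs(bundle)
    hits = []
    for line_no, line in enumerate(log_lines, start=1):
        for _path, value, indicator_id in iocs:
            if value in line:
                hits.append((line_no, value, indicator_id))
    return hits

# Constructed IOC feed: a C2 address, a payload URL, a dropper hash, and one
# compound pattern that the simple extractor deliberately ignores.
BUNDLE = make_bundle([
    make_indicator("C2 server", "[ipv4-addr:value = '198.51.100.7']"),
    make_indicator("Payload URL", "[url:value = 'http://bad.example/payload.exe']"),
    make_indicator("Dropper", "[file:hashes.'SHA-256' = "
                   "'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855']"),
    make_indicator("Scanner range",
                   "[ipv4-addr:value = '203.0.113.9' OR ipv4-addr:value = '203.0.113.10']"),
])

# Constructed log lines (firewall, proxy, EDR) to run the IOCs against.
LOG_LINES = [
    "2024-05-01T10:00:01Z fw ALLOW 10.0.0.5 -> 198.51.100.7:443",
    "2024-05-01T10:00:02Z proxy GET http://bad.example/payload.exe user=alice",
    "2024-05-01T10:00:03Z fw ALLOW 10.0.0.9 -> 93.184.216.34:443",
    "2024-05-01T10:00:04Z edr file_write sha256="
    "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
]

if __name__ == "__main__":
    print(to_json(BUNDLE))
    for line_no, value, indicator_id in match_logs(BUNDLE, LOG_LINES):
        print(f"line {line_no}: {value} matched {indicator_id}")
```

Two things worth noticing when running it: the compound OR pattern produces no IOCs, so a consumer that only understands simple patterns silently loses coverage unless it flags what it skipped, and substring matching on IP addresses will also fire on longer addresses that merely contain the IOC text (a tokenizing matcher is the fix in production).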