CySA+ Domain 2

CompTIA CySA+ Domain 2: Vulnerability Management Study Guide Q&As

Question / Answer
What is asset discovery in vulnerability management? The process of identifying and cataloging all devices, systems, and applications within an organization's environment.
What are map scans used for? To visualize network topology and identify connected devices.
What is device fingerprinting? Identifying device types, operating systems, and services running on networked systems.
Why is scheduling important in vulnerability scanning? To minimize business disruption and ensure scans are performed regularly and at appropriate times.
What operational considerations should be made during vulnerability scanning? Coordinating with stakeholders, minimizing impact on critical systems, and communicating scan windows.
How does scan performance affect vulnerability management? High scan loads can impact network and system performance; performance must be balanced with thoroughness.
What are sensitivity levels in scanning? Settings that determine how aggressive or cautious a scan is, balancing detection with system stability.
Why is segmentation important in vulnerability scanning? To ensure all network segments are scanned, including those separated by firewalls or VLANs.
What are regulatory requirements in vulnerability scanning? Compliance mandates that dictate how and when scans must be performed (e.g., PCI DSS, HIPAA).
What is the difference between internal and external scanning? Internal scans assess vulnerabilities from within the network; external scans assess the attack surface from outside.
What is agent-based scanning? Scanning that uses installed software agents on endpoints for deeper visibility and continuous monitoring.
What is agentless scanning? Scanning performed remotely without installing software on target systems.
What is credentialed scanning? Scanning with valid credentials to access system internals, providing more accurate results.
What is non-credentialed scanning? Scanning without credentials, simulating an external attacker’s perspective.
What is passive scanning? Monitoring network traffic to identify vulnerabilities without actively probing systems.
What is active scanning? Directly probing systems and services to identify vulnerabilities.
What is static analysis? Examining code or configurations without executing them to find vulnerabilities.
What is dynamic analysis? Testing applications or systems during runtime to identify vulnerabilities.
What is reverse engineering in vulnerability assessment? Analyzing software to understand its structure, functionality, and potential vulnerabilities.
What is fuzzing? Automated testing that inputs random or malformed data to find vulnerabilities.
What is operational technology (OT) in vulnerability management? Systems used to control industrial processes, requiring special scanning considerations.
What are industrial control systems (ICS)? Specialized systems (like SCADA) used in critical infrastructure, often requiring non-intrusive assessment.
What is security baseline scanning? Comparing systems against a set of security standards or benchmarks to identify deviations.
What are industry frameworks relevant to vulnerability management? PCI DSS, CIS benchmarks, OWASP, ISO 27000 series.
What is the purpose of network scanning and mapping tools like Angry IP Scanner and Maltego? To discover devices, map networks, and gather information for vulnerability assessment.
What are web application scanners such as Burp Suite and ZAP used for? To identify vulnerabilities in web applications.
What is Nessus? A widely used vulnerability scanner for identifying security issues in systems and networks.
What is OpenVAS? An open-source vulnerability scanner used for comprehensive assessments.
What are debuggers like Immunity Debugger and GDB used for? Analyzing software at runtime to find and exploit vulnerabilities.
What is Nmap used for? Network discovery, port scanning, and service enumeration.
What is the Metasploit Framework (MSF)? A penetration testing platform for developing and executing exploits.
What is Recon-ng? A web reconnaissance framework for gathering open-source intelligence.
What is Scout Suite? A multi-cloud security auditing tool.
What is Prowler? An AWS security assessment tool based on CIS benchmarks.
What is Pacu? An AWS exploitation framework for testing cloud security.
What is the Common Vulnerability Scoring System (CVSS)? A standardized method for rating the severity of vulnerabilities.
What are attack vectors in CVSS? The paths or means by which an attacker can exploit a vulnerability.
What is attack complexity in CVSS? The level of difficulty required to exploit a vulnerability.
What does privileges required mean in CVSS? The level of access an attacker needs to exploit a vulnerability.
What is user interaction in CVSS? Whether exploitation requires a user to take action.
What is scope in CVSS? Whether exploitation affects only the vulnerable component or other components as well.
What are the three impact metrics in CVSS? Confidentiality, Integrity, Availability.
What is confidentiality impact? The degree to which data is exposed or disclosed.
What is integrity impact? The degree to which data is altered or tampered with.
What is availability impact? The degree to which system or data availability is affected.
What is validation in vulnerability analysis? Confirming whether identified vulnerabilities are real and exploitable.
What is a true positive in vulnerability scanning? A correctly identified vulnerability that actually exists.
What is a false positive in vulnerability scanning? A reported vulnerability that does not actually exist.
What is a true negative in vulnerability scanning? No vulnerability exists and none is reported.
What is a false negative in vulnerability scanning? A vulnerability exists but is not detected by the scan.
What is context awareness in vulnerability analysis? Understanding the environment (internal, external, isolated) to prioritize vulnerabilities.
What is exploitability/weaponization? The likelihood and ease with which a vulnerability can be exploited.
Why is asset value important in vulnerability management? High-value assets require higher priority for remediation.
What is a zero-day vulnerability? A previously unknown vulnerability with no available patch.
What is cross-site scripting (XSS)? An attack that injects malicious scripts into web pages viewed by others.
What is reflected XSS? XSS where the malicious script is reflected off a web server in an immediate response.
What is persistent XSS? XSS where the malicious script is stored on the server and served to multiple users.
What are overflow vulnerabilities? Flaws where excess data overwrites memory, leading to potential code execution.
What is a buffer overflow? When more data is written to a buffer than it can hold, overwriting adjacent memory.
What is an integer overflow? When an arithmetic operation exceeds the maximum value a variable can store.
What is a heap overflow? Overflow that occurs in the heap memory area, potentially allowing arbitrary code execution.
What is a stack overflow? Overflow that occurs in the stack memory area, potentially allowing control of program execution.
What is broken access control? When users can access resources or functions they should not be able to.
What are cryptographic failures? Weaknesses in encryption or key management that can lead to data exposure.
What are injection flaws? Vulnerabilities where untrusted data is sent to an interpreter as part of a command or query.
What is cross-site request forgery (CSRF)? An attack that tricks a user into executing unwanted actions on a web application where they are authenticated.
What is directory traversal? An attack that allows access to files and directories outside the intended scope.
What is insecure design? Systems lacking security controls or designed without security in mind.
What is security misconfiguration? Improperly configured security settings that leave systems vulnerable.
What are end-of-life or outdated components? Software or hardware that no longer receives security updates, increasing risk.
What are identification and authentication failures? Weaknesses that allow attackers to bypass authentication mechanisms.
What is server-side request forgery (SSRF)? An attack where the server is tricked into making requests to unintended locations.
What is remote code execution? When an attacker can run arbitrary code on a target system.
What is privilege escalation? Exploiting a flaw to gain higher-level permissions than intended.
What are local file inclusion (LFI) and remote file inclusion (RFI)? Attacks that allow inclusion of files from the local file system or remote locations, leading to code execution.
What is a compensating control? An alternative security measure put in place when the primary control cannot be implemented.
What are the three main types of security controls? Managerial, Operational, Technical.
What are the three main control functions? Preventative, Detective, Responsive.
What is patching and configuration management? The process of updating and configuring systems to reduce vulnerabilities.
What are the four main steps in patching and configuration management? Testing, Implementation, Rollback, Validation.
What is a maintenance window? Scheduled time for updates or changes to minimize business disruption.
What is an exception in vulnerability management? A documented and approved deviation from standard security controls.
What are the four risk management principles? Accept, Transfer, Avoid, Mitigate.
What is attack surface management? Identifying, monitoring, and reducing the points where an attacker could compromise a system.
What is edge discovery in attack surface management? Finding and cataloging all internet-facing assets and entry points.
What is passive discovery? Identifying assets and vulnerabilities using non-intrusive methods like traffic analysis or DNS records.
What is security controls testing? Evaluating the effectiveness of security measures in place.
What is penetration testing and adversary emulation? Simulating real-world attacks to identify vulnerabilities and test defenses.
What is a bug bounty program? A program that rewards external researchers for finding and responsibly disclosing vulnerabilities.
What is attack surface reduction? Minimizing the number of potential entry points for attackers by disabling unnecessary services and hardening systems.
What are secure coding best practices? Techniques such as input validation, output encoding, session management, authentication, data protection, and parameterized queries to prevent vulnerabilities in software.
What is input validation? Verifying that data is correct and safe before processing it.
What is output encoding? Transforming output data to prevent injection attacks like XSS.
What is session management? Controlling user sessions securely to prevent hijacking and unauthorized access.
What is authentication in secure coding? Verifying the identity of users and preventing unauthorized access.
What is data protection in secure coding? Ensuring sensitive data is encrypted and handled securely throughout its lifecycle.
What are parameterized queries? Database queries that separate code from data to prevent SQL injection attacks.
What is the Secure Software Development Life Cycle (SDLC)? A process that integrates security into every phase of software development.
What is threat modeling? Identifying potential threats, vulnerabilities, and mitigation strategies during system design.
Created by: anapaulaseidel