Question | Answer |
vulnerability assessment | systematic evaluation of asset exposure |
asset | an item that has positive value |
asset identification | process of inventorying items |
common threat agents | natural disasters |
common threat agents | compromise of intellectual property |
common threat agents | espionage |
common threat agents | hardware failure or errors |
common threat agents | sabotage or vandalism |
common threat agents | software attacks |
common threat agents | software failure or errors |
common threat agents | technical obsolescence |
common threat agents | theft |
common threat agents | utility interruption |
aspects of vulnerability assessment | asset identification |
aspects of vulnerability assessment | threat evaluation |
aspects of vulnerability assessment | vulnerability appraisal |
aspects of vulnerability assessment | risk assessment |
threat evaluation | which pressures are against assets |
identify what needs to be protected | asset identification |
how susceptible is the current protection | vulnerability appraisal |
what damages could result from the threats | risk assessment |
what to do about it | risk mitigation |
common assets | people |
common assets | physical assets |
common assets | data |
common assets | hardware |
common assets | software |
after the inventory of assets | determine each item's relative value |
threat agents | any person or thing with the power to carry out a threat against an asset |
threat modeling | understanding attackers and their methods, often done by constructing scenarios |
attack tree | provides a visual representation of potential attacks; an inverted tree structure |
vulnerability appraisal | where are our weak spots |
risk assessment | determining the damage that would come from an attack |
vulnerability appraisal | take a snapshot of the current security of the organization |
vulnerability appraisal | catalog each vulnerability |
risk assessment | assess whether that vulnerability is a risk to the organization |
outsourcing | transfer the risk to a third party |
three options when confronted with a risk | diminish, transfer, or accept the risk |
vulnerability impact scale | no impact |
vulnerability impact scale | small impact |
vulnerability impact scale | significant |
vulnerability impact scale | major |
vulnerability impact scale | catastrophic |
single loss expectancy | expected monetary loss every time a risk occurs |
annualized loss expectancy | expected monetary loss for an asset due to a risk over a one-year period |
annualized rate of occurrence | probability that a risk will occur in a particular year |
ALE | SLE * ARO |
SLE | AV * EF |
risk mitigation | what to do about the risks |
risk identification steps | asset identification |
risk identification steps | threat identification |
risk identification steps | vulnerability appraisal |
risk identification steps | risk assessment |
risk identification steps | risk mitigation |
baseline | imaginary line by which an element is measured or compared |
baseline reporting | comparison of the present state of a system to its baseline |
architectural design | |
design review | |
code review | |
attack surface | |
software development process | requirements |
software development process | design |
software development process | implementation |
software development process | verification |
software development process | release |
software development process | support |
assessment tools | help personnel identify security weaknesses |
assessment tools | port scanners |
assessment tools | protocol analyzers |
assessment tools | vulnerability scanners |
assessment tools | honeypots |
assessment tools | honeynets |
port numbers | sixteen bits in length |
well known ports | 0 - 1023 |
registered ports | 1024 - 49151 |
dynamic ports | 49152 - 65535 |
private ports | dynamic ports |
open port | application or service assigned to that port is listening for instructions |
closed port | no process is listening at this port |
blocked port | the host system does not reply to any inquiries |
protocol analyzer | sniffer |
port 20 | ftp |
port 22 | ssh |
port 23 | telnet |
port 69 | tftp |
port 80 | http |
port 139 | netbios |
port 443 | https |
port 989 | ftps |
well known port number | reserved for the most universal applications |
registered port numbers | other applications that are not widely used |
dynamic ports | available for use by any application |
process | program running on one system |
ip address | used to uniquely identify each network device |
port number | tcp/ip uses a numeric value as an identifier for applications and services on these systems |
protocol analyzer | hardware or software that captures packets to decode and analyze their contents |
protocol analyzers | can fully decode application-layer protocols (http, ftp) |
promiscuous mode | the strength of a protocol analyzer is that it places the computer's nic adapter |
port scanner software | searches a system for port vulnerabilities |
tcp connect scanning | |
tcp syn scanning | |
tcp fin scanning | |
stealth scans | |
xmas tree port scans | |
vulnerability scanners | maintains a database that categorizes and describes the vulnerabilities it detects |
vulnerability scanners | intended to identify vulnerabilities and alert network admins |
honeypot | pc typically located in an area with limited security and loaded with software and data files that appear to be authentic yet they are actually imitations of real data files |
honeynet | network setup with intentional vulnerabilities |
assessment tool problem | no standard for collecting, analyzing, and reporting vulnerabilities |
oval | open vulnerability and assessment language |
oval | common language for the exchange of info regarding security vulnerabilities |
oval vulnerability definitions are recorded in | xml |
oval vulnerability queries are accessed in | sql |
vulnerability assessment procedures | scanning |
vulnerability assessment procedures | penetration testing |
penetration testing | pentest |
pentest | designed to exploit any weakness in systems that are vulnerable |
vulnerability scanning | inside the building |
penetration testing | outside the building |
penetration testing | purposely trying to break into the network from outside the building, trying to do damage |
different penetration testing techniques | black box test |
different penetration testing techniques | white box test |
different penetration testing techniques | gray box test |
security posture | an approach,philosophy or strategy regarding security |
elements that makeup a security posture | initial baseline configuration |
elements that makeup a security posture | continuous security monitoring |
elements that makeup a security posture | remediation |
standards in mitigating and deterring attacks | security posture |
standards in mitigating and deterring attacks | configuring controls |
standards in mitigating and deterring attacks | hardening |
standards in mitigating and deterring attacks | reporting |
reporting | alarms alerts trends |
types of hardening techniques | protect accounts with passwords |
types of hardening techniques | disabling unnecessary accounts |
types of hardening techniques | disabling unnecessary services |
types of hardening techniques | protecting management interfaces and applications |
configuring controls | detection, e.g. cameras |
configuring controls | prevention, e.g. locked doors |
configuring controls | firewalls |
purpose of hardening | eliminate as many security risks as possible |