CS 205 Final Exam 2024 - Types of Security Testing and VM Lifecycle Steps

Questions and Answers

What is the main purpose of vulnerability assessment (VA) in security testing?

To identify weaknesses and security holes in IT assets (correct)

To automate the process of code review

To test the effectiveness of patches and fixes

To simulate real-world cyber attacks on systems

Which step in the VM lifecycle involves analyzing assets, examining IP subnets, and looking at potential network traffic issues?

Patch systems

Prepare scanner

Analyze assets (correct)

Assess results

What is the main goal of running a vulnerability scan in the VM lifecycle?

Generating a report for asset owners (correct)

Assessing network performance degradation issues

Applying patches and fixes

Monitoring the results of the scan

Which activity is NOT part of verifying (re-scanning) in the VM lifecycle?

Evaluating the effectiveness of patches and fixes

What is a common feature of vulnerability scanners like Open VAS, Nessus, Qualys, and Rapid7?

They offer free tools for security testing

In security testing, what distinguishes penetration testing (PT) from vulnerability assessment (VA)?

PT focuses on identifying weaknesses, while VA simulates malicious attacks

According to the given text, which team has primary ownership?

Information Security team

Who is responsible for testing patches in the environment based on the information provided?

IT Ops team

In the context of the provided information, what does 'SCAP-validated vulnerability scanner' primarily scan for?

Code-based vulnerabilities

Which of the following is NOT a stage of Info sec Governance Block as outlined in the text?

Monitoring Intermediate

From the details provided, which type of IT assets do not have a CIS/DISA STIG?

Virtual servers

What activity will be required if 'Recourse and priority' falls under 'Mature' according to the text?

Incident management

What is the purpose of checking the completeness and correctness of controls in the context of cyber security?

To enhance the organization's security posture

In the Cyber Security Maturity Matrix discussed, which level focuses on having Active Directory, Enterprise AV, and Windows OS licensed?

Foundation

What is the difference between a remote exploit and a local exploit?

Remote exploit works over a network without any prior access, while local exploit requires prior access to the vulnerable system.

Why is it important to use only fully supported web browsers & email clients in an organization?

To reduce security vulnerabilities

Which section of the Cyber Security Maturity Matrix focuses on having systems that are monitored regularly for threats?

Monitored

What is the primary reason for ensuring the use of only fully supported browser & email clients according to the text?

To maintain a secure IT environment by reducing vulnerabilities