COPY: Cybersecurity CH3: Information Risk Assessment by Dr. Sanaa Taha
10 Questions
0 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

What does the CVSS model aim to provide?

  • An encrypted communication channel
  • An open source framework
  • A common way to describe vulnerabilities (correct)
  • A closed system for measuring vulnerabilities
  • What is defined as a vulnerability by the CVSS model?

  • A security feature of an application
  • A weakness of a device or application that could lead to a failure of confidentiality, integrity, or availability (correct)
  • A strength of a system
  • A minor bug in the system
  • What is the highest numeric value a vulnerability can be assigned on the CVSS scale?

  • 1.0
  • 100.0
  • 10.0 (correct)
  • 5.0
  • Which standard recommends the use of CVSS for evaluating vulnerabilities?

    <p>PCI DSS</p> Signup and view all the answers

    What is the main purpose of the Common Vulnerabilities and Exposures (CVE) dictionary identifier?

    <p>To uniquely identify vulnerabilities</p> Signup and view all the answers

    'CVSS Metrics' assigns a numeric value on a scale from _____ to _____?

    <p>-10.0 to 10.0</p> Signup and view all the answers

    What is NOT included in each NVD entry?

    <p>A software patch to fix the vulnerability</p> Signup and view all the answers

    What is the maximum CVSS score that can represent the most severe security issue?

    <p>10.0</p> Signup and view all the answers

    What is the purpose of CVSS metrics?

    <p>To generate numeric scores based on vulnerability characteristics</p> Signup and view all the answers

    What is the main goal of providing links to websites and references in each NVD entry?

    <p>To help users find solutions for vulnerabilities</p> Signup and view all the answers

    More Like This

    Use Quizgecko on...
    Browser
    Browser