Cybersecurity Protocols and Vulnerabilities

Created by
@AuthoritativeLouisville

Questions and Answers

Which of the following should the analyst recommend be updated first to meet the security requirements and reduce risks?

  • VM_PRD_Web01 (correct)
  • VM_DEV_Web02
  • VM_PRD_DB
  • VM_DEV_DB

Which of the following CVE metrics would be most accurate for this zero-day threat?

  • CVSS: 31/AV: N/AC: L/PR: N/UI: N/S: U/C: H/I: H/A: L (correct)
  • CVSS: 31/AV: L/AC: L/PR: R/UI: R/S: U/C: H/I: L/A: H
  • CVSS: 31/AV: K/AC: L/PR: H/UI: R/S: C/C: H/I: H/A: L
  • CVSS: 31/AV: N/AC: L/PR: N/UI: H/S: U/C: L/I: N/A: H

Which of the following communication plans should the CEO initiate following the compromise of a confidential trade secret?

  • Alert department managers to speak privately with affected staff. (correct)
  • Disclose to all affected parties in the Chief Operating Officer for discussion and resolution.
  • Verify legal notification requirements of PII and SPII in the legal and human resource departments.
  • Schedule a press release to inform other service provider customers of the compromise.

Which piece of data should be collected first to preserve sensitive information before isolating the server?

  • Hard disk

    Study Notes

    Security Requirements and Recommendations

    • A company has strict security requirements: no public IPs, all data secured at rest, and no insecure ports/protocols.
    • A security analyst needs to address misconfigurations reported by a cloud scanner.
    • VM_PRD_Web01 should be updated first due to having a public IP and open port 80, violating security policies.
    • The recommendation for VM_PRD_Web01 includes changing to a private IP and closing port 80 or using HTTPS.

    Zero-Day Vulnerability Metrics

    • A zero-day vulnerability is being actively exploited, requiring no user interaction and significantly affecting confidentiality and integrity but not availability.
    • CVSS (Common Vulnerability Scoring System) metrics for this threat are:
      • AV: N (Network),
      • AC: L (Low),
      • PR: N (None),
      • UI: N (None),
      • S: U (Unchanged),
      • C: H (High),
      • I: H (High),
      • A: L (Low).
    • The chosen option for the CVSS metrics accurately describes the vulnerability scenario.

    Communication Plans for Data Compromise

    • In response to a confidential trade secret compromise, the CEO should direct department managers to have private discussions with affected staff.
    • It's crucial to maintain confidentiality and avoid public disclosure of sensitive information.
    • Verification of legal notification requirements regarding personally identifiable information (PII) and sensitive personal information (SPII) is also essential.

    Incident Response and Evidence Collection

    • An incident response team secures Indicators of Compromise (IoCs) found on a critical server.
    • The first step is to collect the hard disk for preservation of sensitive information.
    • The hard disk contains all data and files, making it critical for further investigation before isolating the server.

    Description

    This quiz covers essential cybersecurity protocols and metrics, including security requirements for cloud configurations and understanding zero-day vulnerabilities. Test your knowledge on common vulnerability scoring systems (CVSS) and their implications for security policies.
