Trend Micro and TippingPoint Zero Day Initiative Quiz

Questions and Answers

When did the Zero Day Initiative begin?

2005

What is the main purpose of the Zero Day Initiative?

To promote the responsible disclosure of vulnerabilities

How does the ZDI process begin?

An external or internal researcher submits a previously unpatched vulnerability to the ZDI

What is the next step after a vulnerability is submitted to the ZDI?

The Zero Day Initiative validates the vulnerability, determines its worth, and makes a monetary offer to the researcher

What does the ZDI do when a security flaw is identified in a vendor's product?

It responsibly and promptly notifies the appropriate product vendor

What does Trend Micro do when a security flaw is identified in a vendor's product?

Trend Micro works to create a Digital Vaccine filter to protect customers using TippingPoint solutions

How long does the vendor have to address the vulnerability with a patch?

Four months

What happens if the vendor is unable or chooses not to patch the vulnerability?

The Zero Day Initiative publicly discloses the details of the vulnerability on its website

What is the purpose of the Digital Vaccine filter created by Trend Micro?

To protect customers using TippingPoint solutions from the unpatched vulnerability

What is the common way to refer to the setup wizard?

Setup wizard

What type of cable is used for the initial setup?

Console cable

What settings are used for the terminal during initial setup?

115200/8/N/1 (no flow control)

What are the security settings for the 'None' level?

Passwords must be at least 8 characters and no more than 32. Must contain at least 2 alphabetic characters. Must contain at least 1 numeric character. Must contain at least 1 non-alphanumeric character.

What is the length requirement for user names at the 'High' security level?

At least 6 characters

What are the password length requirements at the 'Medium' security level?

32 characters

What are the user name and password requirements at the 'Low' security level?

User names and passwords are unrestricted. Must contain at least 15 characters. Must contain at least 1 uppercase character. Must contain at least 1 lowercase character. Must contain 1 numeric character. Must contain 1 non-alphanumeric character. Must be different from the previous password in at least half of the corresponding character positions.

What is created once the security level is set?

Initial super user account

In the example, what name is used for the initial super user account?

SuperMan

What is the typical response time for Actively Exploited Vulnerabilities / Zero Day Vulnerabilities?

4 - 24 Hrs

When does Trend Micro respond to vulnerabilities after Microsoft Patch Tuesday?

Immediately after Microsoft ships patches

What is the typical response time for vulnerabilities with a CVSS score of 9.0 - 10.0?

Within 7 days

What is the typical response time for vulnerabilities with a CVSS score of 7.0 - 9.0?

Within 14 days

How many network protection filters are available out of the box?

Over 20,000 filters

Explain the concept of simple exploit filters.

Simple exploit filters simplify signatures to the simplest level and disregard checking for ALL necessary conditions for a particular attack.

What is the main reason for False Positives in IDSs?

The 90:10 rule, where only 10% of the work is done to be 90% right, leaving the final 10% up to the security admin to figure out.

How do hardware platforms like Trend Micro's avoid the trade-offs faced by software systems?

Hardware platforms like Trend Micro's do not face the same trade-offs as software systems.

Why do IDSs traditionally simplify signatures to the simplest level?

To avoid slowing down the system or needing to remove something to maintain performance.