Vulnerability Management
9 Questions

Questions and Answers

What is vulnerability management?

  • A one-time process of identifying vulnerabilities in a system
  • A process of ignoring vulnerabilities in a system
  • A cyclical practice that includes discovering assets, prioritizing and assessing vulnerabilities, reporting, remediating, and verifying (correct)
  • A process of exploiting vulnerabilities in a system

What is the difference between a vulnerability and a security risk?

  • A vulnerability is a weakness in a system that can only be exploited by insiders, while a security risk is a weakness that can be exploited by outsiders.
  • A vulnerability and a security risk are the same thing
  • A vulnerability is the potential for impact resulting from the exploit of a security risk, while a security risk is a weakness in a system that can be exploited
  • A vulnerability is a weakness in a system that can be exploited, while a security risk is the potential for impact resulting from the exploit of a vulnerability (correct)

What is the most vulnerable point in most information systems?

  • The hardware
  • The software
  • The network
  • The human user (correct)

What is penetration testing?

A form of verification of the weakness and countermeasures adopted by an organization (C)

What is the defense-in-depth principle?

A multilayer defense system that can protect against attacks (D)

What is Common Vulnerabilities and Exposures (CVE)?

An incomplete list of publicly disclosed vulnerabilities maintained by MITRE Corporation (C)

What are the most common types of software flaws that lead to vulnerabilities?

Buffer overflows, SQL injection, and cross-site scripting (A)

What is a pure technical approach to security?

An approach that relies solely on technical protections to secure assets (A)

What are some examples of vulnerabilities?

Zero-day attacks, hardware vulnerabilities, and coding flaws (B)

Flashcards

What is Vulnerability Management?

A regular process for finding, prioritizing, fixing, and confirming that vulnerabilities are addressed in your systems.

What's the difference between a vulnerability and a security risk?

A vulnerability is a weakness that could be exploited, while a security risk is the potential bad thing that could happen if that weakness is exploited.

What's the most vulnerable point in most systems?

Often, the easiest way for someone to get in is by tricking a human user into doing something they shouldn't - like clicking on a bad link.

What is penetration testing?

This is like a security checkup where someone tries to find and exploit weaknesses in your systems just like a real attacker would.

What is the defense-in-depth principle?

This means putting up multiple layers of protection, so even if one layer is broken, the others can still protect your system.

What is CVE?

It's a list of known vulnerabilities that helps you identify and fix potential problems in your systems.

What are common software flaws?

These are common ways attackers exploit code, often found in software.

What is a pure technical approach to security?

Focusing only on technical tools to safeguard your assets.

Types of vulnerabilities?

These are various ways to exploit system weaknesses. For example, zero-day attacks exploit vulnerabilities that haven't been patched yet, and coding flaws are often accidental errors in the source code.

Study Notes

Exploitable Weakness in a Computer System:

  • Vulnerabilities weaken the overall security of a computer system and can be exploited by attackers to perform unauthorized actions.
  • Vulnerability management is a cyclical practice that includes discovering assets, prioritizing and assessing vulnerabilities, reporting, remediating, and verifying.
  • A security risk is not the same as a vulnerability, as the risk is the potential for impact resulting from the exploit of a vulnerability.
  • Vulnerabilities can be classified based on the asset class they are related to, and the most vulnerable point in most information systems is the human user.
  • The impact of a security breach can be high, and IT managers have a responsibility to manage IT risk.
  • Penetration testing is a form of verification of an organization's weaknesses and of the countermeasures it has adopted.
  • The defense-in-depth principle is a multilayer defense system that can protect against attacks even when a single layer fails.
  • MITRE Corporation maintains Common Vulnerabilities and Exposures (CVE), an incomplete list of publicly disclosed vulnerabilities.
  • Vulnerabilities can manifest in software, hardware, site, personnel, and other aspects.
  • The most common types of software flaws that lead to vulnerabilities include buffer overflows, SQL injection, and cross-site scripting.
  • A pure technical approach cannot always protect physical assets, and technical protections do not necessarily stop social engineering attacks.
  • Examples of vulnerabilities include zero-day attacks, hardware vulnerabilities, and coding flaws.

Quiz Team

Description

Test your knowledge on exploitable weaknesses in computer systems with this informative quiz. Learn about the different types of vulnerabilities, their impact, and how they can be managed and secured against. Understand the importance of vulnerability management, the defense-in-depth principle, and the role of human users in information security. Challenge yourself with questions about software flaws, penetration testing, and the Common Vulnerabilities and Exposures list. This quiz is essential for anyone interested in IT risk management and staying ahead of potential security breaches.
