1_7_2 Section 1 – Attacks, Threats, and Vulnerabilities - 1.7 – Security Assessments - Vulnerability Scans

Questions and Answers

What is the primary purpose of a vulnerability scan?

To gain access to the inner workings of devices

To perform penetration testing on networks

To determine potential vulnerabilities in systems (correct)

To encrypt data transmission over the internet

What is a port scan, and what does it do?

A scan that determines which ports are responding on an IP address (correct)

A process that encrypts data transmission over ports

A type of virus scan that targets network devices

A type of penetration test that targets user accounts

Why is Telnet considered a potential vulnerability?

Because it sends unencrypted data (correct)

Because it's only used for internal networks

Because it's an outdated protocol

Because it's commonly used by hackers

What is the key difference between a vulnerability scan and a penetration test?

One is used to identify vulnerabilities, while the other is used to exploit them

From whose perspective should vulnerability scans be performed?

From the perspective of the attacker

What types of devices should be included in vulnerability scans?

All devices connected to the network

What is the primary benefit of having the latest version of signatures for a vulnerability scanner?

To filter out invalid results and detect all vulnerabilities

What should you do if you encounter a false positive or false negative during a vulnerability scan?

Work with the scanner manufacturer to update the database

What is an alternative to using a formal vulnerability scanner to identify security issues?

Performing a configuration review of an operating system

What should you check on a workstation to ensure security?

All of the above

What is a concern when reviewing security devices themselves?

Checking for misconfigured firewall rules

What is the primary concern when reviewing servers?

Checking for access control and user permissions

What is the primary purpose of a vulnerability scanner?

To gather information about system vulnerabilities

What type of scan is run from the perspective of someone who does not have access to the network?

Non credentialed scan

What is the difference between a vulnerability scan and a penetration test?

A penetration test tries to exploit vulnerabilities, while a vulnerability scan does not

Why should you never run a vulnerability scan on a network without permission?

It may crash the system or make it unavailable

What type of scan is run from the perspective of someone who has rights and permissions to log in?

Credential scan

What is the purpose of running a vulnerability scan as an insider with full access to the system?

To gather information about the system's vulnerabilities

What is the term for a vulnerability scan that does not attempt to take advantage of vulnerabilities found?

Non intrusive scan

Why should you understand what a vulnerability scan will do before running it?

To ensure the scan does not crash the system or make it unavailable

What can be done after a vulnerability scan is complete to verify the findings?

Find a specific exploit to attack the vulnerability

What is the benefit of running a vulnerability scan internally as an insider with full access to the system?

It helps to identify vulnerabilities that can be exploited from the inside

Which database is synchronized with the CVE list from MITRE?

National Vulnerability Database

What is the main purpose of the Common Vulnerability Scoring System?

To assign a severity score to a vulnerability

What type of vulnerability might be identified by a vulnerability scan due to a lack of security control?

Lack of antivirus software

What is the term for a reported vulnerability that is found to not exist on a device after further research?

False positive

What is the difference between a false positive and a low severity vulnerability?

A low severity vulnerability is a real vulnerability, while a false positive is not

What is the term for a vulnerability that exists on a system but is not identified by a scanner?

False negative

What is the purpose of a vulnerability scan?

To identify potential security risks and vulnerabilities

What is the range of scores assigned by the Common Vulnerability Scoring System?

0 to 10

What type of vulnerability might be identified by a vulnerability scan due to a misconfiguration?

NFS misconfiguration

Why is it important to research further after a vulnerability scan identifies a vulnerability?

To verify the existence of the vulnerability

What is the implication of a Unix operating system unsupported version detection vulnerability?

The system will have additional vulnerabilities as time goes on

What is the purpose of a vulnerability scanner's database?

To constantly update its knowledge of known vulnerabilities

What type of vulnerability is associated with WhatsApp desktop app CVE-2020-1889?

Security feature bypass issue

What is the result of a vulnerability scan on a network device?

Information about misconfigured firewalls and open ports

Where can you find information about a specific CVE?

All of the above

What is the purpose of a vulnerability scan?

To find every possible vulnerability that the scanner knows about

What is an example of a web-based application vulnerability?

An information leak via error message in PHP file UCMS

What is the outcome of a vulnerability scan on a system with Ubuntu 8.04?

The system is no longer supported and will have additional vulnerabilities

What should you do before and after performing a vulnerability scan?

Perform research prior to the scan, and afterwards to make decisions

What is CVE-2022-5079 related to?

An authenticated command injection issue on D-Link DCS-2530L routers