1.6: Vulnerabilities

Question 1

Zero Day

Answer 1

vulnerability has not been detected or published.
CVE: http://cve.mitre.org

Question 2

Weak Encryption

Answer 2

Weak encryption protocols can be a source of vulnerability.
Some cipher suites are easier to break than others
Keys less than 128 bit sizes, outdated hashes (md5)

Question 3

Insecure Protocols

Answer 3

‘In the clear’ protocols that don’t encrypt data.
FTP, SMTP, IMAP

Encrypted versions should be used: SSH, SFTP, IMAPs

Question 4

Default Settings

Answer 4

every app/device has a default ‘login’

Marai botnet takes advantage of default configs consisting of IoT.

Question 5

Open Ports and Services

Answer 5

Services open ports, unnecessary open ports are security vulnerabilities.

Question 6

Improper Patch management

Answer 6

Centrally managed, update server/endpoint manager usually determine which patches to send.

Not being patched can leave backdoors open.

Question 7

Legacy Platforms

Answer 7

Some devices remain installed for too long
outdates software/middleware and now become a security concern.

Question 8

3rd Party Risks

Answer 8

Plan for worst possible scenario.
There should be more security, not less.

Question 9

System Integration Risk

Answer 9

Professional installation and maintenance, can include elevated OS access.
Can be on-site with access to physical devices.
Can run software on the internal network.

Question 10

Supply Chain Risk

Answer 10

Cant control security from a 3rd parth location.
Hardware/software from vendor can be counterfit/contain malware.