Vulnerability Assessment

Question 1

What does the ‘Remediation’ stage of Vulnerability Assessment entail?

Answer 1

Remediation is the process of applying fixes on vulnerable systems in order to reduce the impact and severity of vulnerabilities

Question 2

What does the ‘Verification’ stage of Vulnerability Assessment entail?

Answer 2

This phase provides clear visibility into the firm and allows the security team to check whether all the previous phases have been perfectly employed or not

Question 3

What does the ‘Risk Assessment’ stage of Vulnerability Assessment entail?

Answer 3

All serious uncertainties that are associated with the system are assessed and prioritized, and remediation is planned to permanently eliminate system flaws

Question 4

What does the ‘Monitoring’ stage of Vulnerability Assessment entail?

Answer 4

Organizations need to performed regular monitoring to maintain system security. Continuous monitoring identifies potential threats and any new vulnerabilities that have evolved

Question 5

What is CVSS?

Answer 5

CVSS (the Common Vulnerability Scoring System) is a published standard that provides an open framework for communicating the characteristics and impacts of IT vulnerabilities.

Question 6

What is the correct order of steps in vulnerability assessment?

Answer 6

1. Risk Assessment
2. Remediation
3. Verification
4. Monitoring

Question 7

What is the correct order of steps in the vulnerability management lifecycle?

Answer 7

1. Identify Assets & Create Baseline
2. Vulnerability Scan
3. Risk Assessment
4. Remediation
5. Verification
6. Monitor
7. Repeat

Question 8

What are the 3 metrics which establish a CVSS score?

Answer 8

Base Metrics, Environmental Metrics, and Temporal Metrics.

Question 9

What is an Internal Assessment?

Answer 9

An internal assessment involves scrutinizing the internal network to find exploits and vulnerabilities

Question 10

What is a Distributed Assessment?

Answer 10

This type of assessment, employed by organizations that possess assets like servers and clients at different locations, involves simultaneously assessing the distributed organization assets, such as client and server applications, using appropriate synchronization techniques

Question 11

What is a Network-based Assessment?

Answer 11

These assessments discover network resources and map the ports and services running to various areas on the network

Question 12

What is a Credentialed Assessment?

Answer 12

In this type of assessment, the ethical hacker possesses the credentials of all machines present in the assessed network

Question 13

What is a host-based assessment?

Answer 13

A host-based assessment involves looks at the vulnerabilities of the devices on a particular network

Question 14

What is an active assessment?

Answer 14

An active assessment involves using a network scanner to look for hosts

Question 15

What is a passive assessment?

Answer 15

A passive assessment involves sniffing packets in a network

Question 16

What is a wireless network assessment?

Answer 16

A wireless network assessment looks for vulnerabilities in the wireless network

Question 17

What is a Product-Based Vulnerability Assessment Solution?

Answer 17

A Product-Based Vulnerability Assessment is a solution that is installed either on a private or non-routable space or on the Internet-addressable portion of an organization’s network.

Question 18

What is a Tree-Based Vulnerability Assessment Solution?

Answer 18

In a tree-based assessment, the auditor (parent) selects different strategies for each machine or component (child nodes) of the information system. This approach relies on the administrator to provide a starting piece of intelligence and then to start scanning continuously without incorporating any information found at the time of scanning

Question 19

What is a Service-Based Vulnerability Assessment Solution?

Answer 19

Service-based solutions are offered by third parties, such as auditing or security consulting firms. Some solutions are hosted inside the network, while others are hosted outside the network

Question 20

What is an Inference-Based Vulnerability Assessment Solution?

Answer 20

In an inference-based assessment, scanning starts by building an inventory of the protocols found on the machine

Question 21

What are Depth Assessment Tools?

Answer 21

Depth assessment tools are used to discover and identify previously unknown vulnerabilities in a system. Generally, tools such as fuzzers, which provide arbitrary input to a system’s interface, are used to identify vulnerabilities to an unstable depth

Question 22

What are Host-Based Vulnerability Assessment Tools?

Answer 22

The host-based scanning tools are appropriate for servers that run various applications, such as the Web, critical files, databases, directories, and remote accesses. These host-based scanners can detect high levels of vulnerabilities and provide required information about the fixes (patches).

Question 23

What are Scope Assessment Tools?

Answer 23

Scope assessment tools provide an assessment of the security by testing vulnerabilities in the applications and operating system. These tools provide standard controls and a reporting interface that allows the user to select a suitable scan.

Question 24

What are Application-Layer Vulnerability Assessment Tools?

Answer 24

Application-layer vulnerability assessment tools are designed to serve the needs of all kinds of operating system types and applications. Various resources pose a variety of security threats and are identified by the tools designed for that purpose

Question 25

What are Network-Based Scanners?

Answer 25

Network-based scanners are those that interact only with the real machine where they reside and give the report to the same machine after scanning

Question 26

What are Agent-Based Scanners?

Answer 26

Agent-based scanners reside on a single machine but can scan several machines on the same network

Question 27

What are Proxy Scanners?

Answer 27

Proxy scanners are the network-based scanners that can scan networks from any machine on the network

Question 28

What are Cluster Scanners?

Answer 28

Cluster scanners are similar to proxy scanners, but they can simultaneously perform two or more scans on different machines in the network