Vulnerability Mgmt Flashcards
What is Vulnerability Mgmt?
Vulnerability management is the process of identifying, evaluating, treating, and reporting potential risk areas identified within a system or software.
What is involved in network testing?
Identifying vulnerabilities is done by conducting what is known as a network scan. Network scanning involves pinging all devices on a network and identifying whether any open ports or services could act as gateways through which cybercriminals gain access.
Potential vulnerabilities are listed and ranked according to their threat level, and mitigating actions are determined from that ranking. It is important to note that an open port is not necessarily dangerous. Some ports are always open, such as the one used for HTTPS, which allows you to connect to and interact with the internet. Saying a port is open means it listens for requests and sends a response when probed. The system configuration and the software running behind that port are then assessed and compared against known vulnerabilities.
What is penetration testing?
Companies carry out penetration tests to test a system's security. A penetration test is a simulated real-world attack on your system (i.e. Microsoft's Assume Breach approach).
What is vulnerability verification?
Another testing method is Vulnerability Verification. Here, a security risk is ranked according to the Common Vulnerability Scoring System (CVSS), a standardized metric used to assess threat levels. However, on some systems it is a combination of issues, rather than any single one, that exposes the network.
While CVSS can indicate some dangers, the flaw in a company’s system may be the combination of outdated software associated with an open port and some other misconfigurations. Therefore, the IT professional assesses each incident on a case-by-case basis. Analysis tools can only give indications; they do not guarantee a system’s security.
What is remediation?
The ideal solution is remediation. Remediation removes the threat to a system and is achieved by changing configurations or applying a particular patch.
What is mitigation?
Mitigation sets out to reduce the likelihood of exploitation or, in some other way, reduce the risk or fallout from a flaw.
What is acceptance?
This approach means that the company has identified a possible weakness or flaw but leaves the issue unresolved. This might be done because the fix is too large, or because the damage that could result is not large enough to warrant the time needed to fix it.