Adventures In CyberSecurity: CYSA+ CS0-002 Study Area

Chapter 3

Vulnerability Management is done through a formal process called Vulnerablity Assesment which works with another process called Risk Management.
Vulnerablility assesment identifies and assesses the vulnerablility.
Risk Management indentifies assets at risk and assigns a risk value derived from the liklihood and impact to each asset.

Assett Criticality describes the relative value of an asset to the organization

List at least one question that should be raised when determining an asset's criticality to an organization. Will we be able to recover the data in case of disater?
How long will it take to recover the data?
What is the effect of this downtime, including public standing?

Nessus Network Monitor is an example of what type of scanner? Passive

Describe the diffence between a false positive, true positive, false negative, and true negative

• False Positives occur when a scanner finds a vulnerability that does not exist
• True Positives occur when the scanner correctly identifies a vulnerability
• False Negatives occur when the scanner does not identify a vulnerability that does exist
• True Negatives occur when the scanner correctly determines that a vulnerability does not exist

A Configuration Baseline is a set of security settings that are required on devices of various types

Place the patch management life cycle steps in order

• Determine the priority of the patches and schedule the patches for deployment
• Test the patches
• Ensure the patches work properly
• Deploy the patches to the live environment

What type of controls are implemted when encrypting sensitive data? Counter Measure or Compensating Control

List at least 2 hardening techniques.

• Remove unneccesary applications
• Disable unneccesary services. Block unrequired ports
• Tightly control the connection of external storage devices and media

Match the risk handling techniques with their definition

• Risk Transfer - Passing the risk off to a third party such as an insurance company
• Risk Mitigation - Defining the acceptable risk level the organization can tolerate and reducing risk to that level
• Risk Avoidance - Terminiating the activity that causes a risk or choosing an alternative that has less risk
• Risk Acceptance - Understanding and accepting the level of risk as well as the cost of damage that can occur

List at least one risk to scanning.

• A scan can not replace trained personnel
• Scans are only as effective as the signature or database they rely on and must be updated regularly
• Scan can potentially slow down the network

Define Key Terms

• Asset Criticality - Classification placed on assets based on their value to the organization
• Passive Vulnerability Scanner - A tool to monitor network traffic at the packet layer to determine topology, services, and vulnerablities
• Active Vulnerability Scanner - A tol that collects information and attempts to block attacks
• Enumeration - The process of identifying and listing vulnerabilities
• True Positives - Occurs when the scanner correctly identifies a vulnerability
• False Positives - Occurs when the scanner identifies a vulnerability that does not exist
• True Negative - Occurs when the scanner correctly identifies that a vulnerability does not exist
• False Negative - The scanner does not identify a vulnerability that actually exists
• Configuration Baseline - A collection of security settings that are required on devices of various types
• Patching - applying updates released by vendors to fix functional issues or to close security holes in operating systems, applications, firmware, or network devices
• Hardening - An ongoing goal to ensure that all systems have been hardened to the highest extent possible and still provide functionality and can be accomplished on physical and logical bases
• Compensating Control - methods implemented to compensate for a vulenrability that can not be completely mitigated by reducing the potential risk of that vulnerability being exploited
• Risk Acceptance - Understanding and accepting the level of risk as well as the cost of damage that could occur
• Vulnerability Feed - RSS feeds dedicated t the sharing of information about the latest vulnerabilities
• Scope - defines what will be scanned andwhat type of scan will be performed
• Credentialed Scan - a scan performed by someone with administrative rights to the host
• Non Credentialed Scan - a scan performed by someone lacking administrative rights to the host
• Internal Scan - a scan to find vulnerabilities that can be leveraged by outsiders who have penetrated the perimeter or malicious insiders
• External Scan - a scan to find vulnerabilities that can be leveraged from outside the perimeter
• Memorandum of Understanding (MOU) - a document that indicates a general agreement between the principles to do something together
• Service Level Agreement - a document that specifies a service to be provided by a party, the cost of the service, and the expectation of performance
• Legacy Systems - older and potentially less secure systems
• Proprietary Systems - systems developed by an organization, for which no update may be available.