Exam (elaborations)

CompTIA Cybersecurity Analyst (CySA+) - Module 2: Vulnerability Management Already Graded A+

Pages
11
Uploaded on
08-04-2022
Written in
2021/2022

All parts of a security policy should be public knowledge.

True
False
Correct answer- False

What reasons might a company forgo scanning a critical system?

Too much time
Confidentiality
Backups already exist
Costs too much
Correct answer- Too much time & Costs too much

What is the factor that determines scanning frequency characterized by an accepted amount of risk?

Technical Constraints
Risk Acceptance
Risk Appetite
Regulatory Requirements
Correct answer- Risk Appetite

An assessment scan is used to discover assets.

True
False
Correct answer- False

What type of test gives the best perspective of an outsider threat?

Non-Credentialed Scan
Passive Scan
Agent-Based Scan
Credentialed Scan
Correct answer- Non-Credentialed Scan

What should be considered when prioritizing vulnerabilities to be fixed?

Where it is
How critical it is
Time to fix
Which scanner was used
Correct answer- How critical it is & Time to fix

What is a factor considered when categorizing a change to a system?

Scope
Size
Sensitivity Level
Risk
Correct answer- Risk

What could inhibit a change from being implemented?

Cost
Complexity
Approval
All of the Above
Correct answer- All of the Above

An Agent-Based Scan has a lesser impact on a network vs Server-based.

True
False
Correct answer- True

Which scan affects network traffic the least?

Non-Credentialed Scan
Agent-Based Scan
Passive Scan
Server-Based Scan
Correct answer- Passive Scan

Which one of these is legally binding?

MOU
SLA
ATWA
MTTR
Correct answer- SLA

What determines when a company's security capabilities should grow?

Workflow
Regulatory Requirements
Technical Constraints
Risk Appetite
Correct answer- Workflow

Which type of scan uses a copy of the network traffic to find vulnerabilities?

Agent-Based Scan
Non-Credentialed Scan
Passive Scan
Server-Based Scan
Correct answer- Passive Scan

The results of vulnerability scans should be shared with the entire company in order to fix vulnerabilities.

True
False
Correct answer- True

What is it called when a scan misses an existing vulnerability?

False Reporting
True Negative
False Negative
False Positive
Correct answer- False Negative

Which has a higher chance of being compromised?

Agent-Based Scan
SCAP
Passive Scan
Server-Based Scan
Correct answer- Agent-Based Scan

Which type of scan is most likely to cause major disruption in everyday operations?

Agent-Based Scan
Non-Credentialed Scan
Server-Based Scan
Credentialed Scan
Correct answer- Credentialed Scan

What factors help determine the potential frequency of scanning?

Technical Constraints
Vulnerability Feed
Workflow
Scope
Correct answer- Technical Constraints & Workflow

After a successful scan it is best to continue running them over time.

True
False
Correct answer- True

When running a vulnerability scan what determines the number of systems that are part of it?

Sensitivity Level
Technical Constraints
Scope
SCAP
Correct answer- Scope

What is making sure that a vulnerability scanner is kept up-to-date?

Regulatory Requirements
Vulnerability Feed
SCAP
Change Control
Correct answer- Vulnerability Feed

A security policy stays relatively static throughout a company's history.

True
False
Correct answer- False

What is a projected acceptable amount of downtime that is allowed that can determine if a change can be implemented?

Regulatory Requirements
MTTR
Risk Appetite
Availability
Correct answer- Availability

What allows scanners to determine if a system meets a configuration baseline if that scanner is compatible?

SCAP
SLA
Sandboxing
CVSS
Correct answer- SCAP

What uses a list of known weaknesses to determine if a system meets a certain baseline?

CVSS
CWE
SJW
CVE
Correct answer- CWE & CVE

Having multiple scanners does not decrease the likelihood of false negatives.

True
False
Correct answer- False

What determines how far a vulnerability scan will examine?

Vulnerability Feed
Sensitivity Level
Scope
Depth
Correct answer- Sensitivity Level

Regulatory requirements could prevent a company from increasing its risk appetite.

True
False
Correct answer- True

Which scan gives the most information about a system?

Passive Scan
Non-Credentialed Scan
Credentialed Scan
Server-Based Scan
Correct answer- Credentialed Scan

What determines how frequently a certain type of scan will run?

Sensitivity Level
Time Management
Vulnerability Feed
Scope
Correct answer- Scope

A company's security policy doesn't need to change for different countries if it is compliant within its own.

True
False
Correct answer- False

What is the average amount of time that it takes to correct an issue?

Availability
MOU
MTTR
Downtime Management
Correct answer- MTTR

What type of scan gives the best perspective of a potential insider threat?

Credentialed Scan
Passive Scan
Agent-Based Scan
Non-Credentialed Scan
Correct answer- Credentialed Scan

Sandboxing should never be used without also having a formal change management process.

True
False
Correct answer- False

Which type of scan does not require an active connection to the network?

Credentialed Scan
Agent-Based Scan
Server-Based Scan
Non-Credentialed Scan
Correct answer- Agent-Based Scan

What allows for easy categorization of vulnerabilities by assigning them a value based on certain characteristics?

CVSS
CWE
CVE
SCA
Correct answer- CVSS

Which of these outlines an agreement between two parties outlining their services?

NDA
Corporate Policy
MOU
SLA
Correct answer- MOU & SLA

A proactive change is one that occurs before an incident can occur.

True
False
Correct answer- True

Which factor determines scanning frequency when dealing with the complexity of a system?

Workflow
Technical Constraints
Risk Appetite
Regulatory Requirements
Correct answer- Technical Constraints

Which type of scan causes its own potential security concern by supplying full admin rights to someone else?

Non-Credentialed Scan
Server-Based Scan
Credentialed Scan
Agent-Based Scan
Correct answer- Credentialed Scan

A Non-Credentialed Scan is much less stable and more likely to cause a system crash.

1
Correct answer- 1 (?)

What are some things that may inhibit remediation?

Scanning Frequency
Unstructured Data
Lack of Approval
Sandboxing
Correct answer- Scanning Frequency & Lack of Approval

What are some reasons a vulnerability that is simple to fix would be addressed before a more critical one?

Time
Money
Complexity
All of the Above
Correct answer- All of the Above

A Server-Based scanner is centered around software installed on the host.

True
False
Correct answer- False

Running an untuned vulnerability scanner may cause an increased amount of false positives.

True
False
Correct answer- True

Unpatchable systems should be identified by vulnerability scanners and exceptions should be made when scanning them.

True
False
Correct answer- True

Which of the following scans will attempt to compare a system's configurations against a best practice framework?

Framework scan
Vulnerability Scan
Compliance Scan
Best Practice Scan
Correct answer- Compliance Scan

When attempting to scan a Windows system a commonly known vulnerability is discovered for a Linux system. This is known as a what?

False Positive
True Positive
False Negative
True Negative
Correct answer- False Positive

Vulnerability scans should be continuously run until no more vulnerabilities exist no matter what.

True
False
Correct answer- False

Vulnerability scans should be treated as though they are 100% accurate initially and every result should be investigated.

True
False
Correct answer- True

Which of the following examples should an analyst measure while analyzing trends in order to determine the security posture of a host?

What percentage of compliance targets are being met
How many vulnerabilities are discovered
How many compliance goals are being met compared to last week
How many invalid login attempts are recorded
Correct answer- How many compliance goals are being met compared to last week

Which of the following scenarios should be marked as an exception in a vulnerability scanner?

A host that is unable to have an internet connection
A host that cannot utilize a desired software
A host only temporarily connected to the network
A host with unpatchable software
Correct answer- A host with unpatchable software

An admin is continuously finding false positives on a host. Upon looking further it is discovered that a known issue that cannot be fixed is creating these false positives. Which of the following should the admin create to remedy the situation?

A log
A report
A patch
An exception
Correct answer- An exception

When implementing remedies to vulnerabilities discovered on a system patches should be applied on a first come first served basis.

True
False
Correct answer- False

In all situations all configurations of a host should match that host's framework in order to ensure system compliance.

True
False
Correct answer- False

Which of the following are the most likely target of an attacker?

Endpoints
Network Appliances
Servers
Mobile Devices
Correct answer- Servers

What form of attack can cause the most damage to a server by exposing it to misuse from a legitimate user?

An Internal attack
A DDoS attack
A MitM attack
An external attack
Correct answer- An Internal attack

Mobile phones should be treated as though they are malicious when entering the work network until proven otherwise.

True
False
Correct answer- True

Your boss wants to implement a solution to manage mobile devices and control how they may interact with a network. What is this called?

DoS
BYOD
MDM
SCADA
Correct answer- MDM

An attacker may compromise the corporate network by first compromising the network of a business partner.

True
False
Correct answer- True

When implementing a VPN solution which of the following security controls should be utilized in order to guarantee a secure connection from a legitimate device? Choose all that apply.

Agent-based authentication
Multi-factor Authentication
MAC filtering
Health scans
Correct answer- Agent-based authentication & Health scans

A SCADA system is unable to be protected like a regular computer network.

True
False
Correct answer- False

When assigning tasks to different teams your boss decides to have one team manage the physical infrastructure and another manage the virtual infrastructure. This is known as ______.

Best practice
Mandatory Access Control
Job Isolation
Separation of duties
Correct answer- Separation of duties

In order to prevent the risk of one virtual machine compromising another they should be placed on the same host so that logical controls may separate them.

True
False
Correct answer- False

SCADA systems have built-in security measures that should be untrusted as they may interfere with other security controls on the network.

True
False
Correct answer- False

Which of the following can be utilized to prevent access to an industrial control system over the network?

IDS
SCADA
Firewall
SCADA-based IPS
Correct answer- Firewall

SCADA and ICS tend to require older versions of operating systems and should never be connected to the network as a result.

True
False
Correct answer- False

Since VPN connections cannot completely confirm which devices are connecting at the other end of the connection, multi-factor authentication should be utilized to further confirm which host is connecting.

True
False
Correct answer- True


EvaTee Phoenix University