What is a Vulnerability Assessment?
- Identify and assign severity levels to as many security defects as possible
- Can be automated or manual
What are the Objectives of a Vulnerability Assessment?
- Discover vulnerabilities before they are exploited
- Identify Vulnerabilities
- Document vulnerabilities so they can be recreated
- Create guidance to assist developers
What are the Types of Vulnerability Assessments?
- Host Assessment
- Network and Wireless Assessment
- Database Assessment
What is a Host assessment?
Assessment of critical servers
What is Network and Wireless Assessment?
Assessment of network and network-accessible resource policies
What is Database Assessment?
Assessment of databases or big data systems and classifying sensitive data across infrastructure
What are the Five Key Steps in Vulnerability Management?
- Outline vulnerability management policy
- Discover existing vulnerabilities
- Analyze current level of security and rank vulnerabilities
- Mitigate causes of vulnerabilities
- Maintain security through ongoing testing and discovery
What is Vulnerability Management Policy?
- Define levels of security
- Set guidelines for vulnerability management practices
- Classify vulnerabilities
- Define how often scans occur
- Define access-control policies
- Outline noncompliance consequence
What are the Phases of a Vulnerability Assessment Scanner?
- Vulnerability Identification
- Analysis
- Risk Assessment
- Remediation
Define Processes in the Security Scanning Process
- Scoping (pre task)
- Gathering Information (pre task)
- Vulnerability identification
- Vulnerability analysis
- Risk Assessment
- Remediation
- Validation (post Task)
What is Scoping in Security Scanning?
Define the scope of the assessment
What is Gathering Information in Security Scanning?
- Collecting information about the target systems
What is Vulnerability Identification in Security Scanning?
Analyzing the results of the vulnerability scans and identifying potential vulnerabilities that could be exploited
What is Risk Assessment in Security Scanning?
Prioritizing vulnerabilities
What is Vulnerability Analysis in Security Scanning?
Identify source and root cause of vulnerabilities identified
What are the Factors considered in Risk Assessment in Security Scanning?
- Affected systems
- Data at risk
- Business functions at risk
- Ease of attack or compromise
- Severity of attack
- Potential damage
What is Remediation in Security Scanning?
- Closing security gaps
- Typically a joint effort by security, development, and operations
What is Validation in Security Scanning?
Performing a follow-up assessment to validate that vulnerabilites have been properly addressed
What is a Vulnerability Scoring System?
Used to quantify and prioritize vulnerabilities based on severity and potential impact
What is the CVSS?
The Common Vulnerability Scoring System is a standard that assigns a numerical score ranging from 0 to 10 based on several factors
What is the CVE?
The Common Vulnerabilities and Exposures system logs publicly known vulnerabilities and assigns a unique identifier to them
What is the Identifier format for the CVE?
CVE-Year-#####
What is the Format of a CVSS Vector String?
- Identifier
- Impact
- Environmental Concerns
- Additional information
What are the Three CVSS Metric Groups?
- Base: no changes
- Environmental: might vacy in different deployments
- Temporal: changes over time
