IT Security Department > Competition > Flashcards

Competition Flashcards

(6 cards)

Study These Flashcards
1
Q

What is a vulnerability Assessment?

A

A vulnerability scan is a static inspection of network components, to identify security holes. It’s conducted with automated software and lists out security issues and grades according to CVSS.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What are the limitations of vulnerability assessments?

A

Doesnt consider the actual business impact and has a lot of false positives. Also lacks dynamic context of the network, data and human error.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

List 5 examples of Vulnerability Assessment solutions.

A
  1. Nexpose (Rapid7)
  2. Beyondtrust Network Security Scanner
  3. Nessus (Tenable)
  4. Qualys
  5. OpenVAS (opensource, we use it)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is a Breach and Attack Simulator?

A

Deploys agents across a network which communicate with eachother and deploy simulated attacks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

List 6 examples of BAS tools?

A
  1. Cymulate
  2. AttackIQ
  3. Metasploit (Rapid7)
  4. Core Security
  5. Wireshark
  6. SAINT
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What are the 2 key shortcomings of BAS tools compared to PenTera?

A
  1. They require agents.
  2. They are tools for experienced Pentesters, you need to be technical to use them. With PenTera you only need a very basic understanding of cyber security.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
IT Security Department
flashcards
Decks in class (5)
# Cards
Brainscape helps you reach your goals faster, through stronger study habits.
© 2026 Bold Learning Solutions. Terms and Conditions