INTRODUCTION – Vulnerabilities in Systems
This module gets into the nitty-gritty of vulnerability management: how organizations identify, assess, and ultimately mitigate vulnerabilities across the enterprise. It opens by examining vulnerabilities themselves, laying out the most common ones and the threat a given asset would face if they were left uncorrected, and it builds the habit of thinking the way an attacker does.
Learners are expected to work through the simulation exercises and case studies so that the material is applied in context. By the end of the section, learners should understand the vulnerability management process and be able to assess the threats facing the assets they protect, combining the theory they need with hands-on practice so that they can manage the vulnerable landscape that cybersecurity presents.
Learning Objectives:
- Distinguish threats from vulnerabilities.
- Discuss defense-in-depth.
- Explain how Common Vulnerabilities and Exposures (CVE®) are identified by MITRE.
- Explain how vulnerability assessments are used to evaluate potential risk.
- Analyze an attack surface.
- Develop an attacker mindset for recognizing threats.
TEST YOUR KNOWLEDGE: FLAWS IN THE SYSTEM
1. Which of the following are steps in the vulnerability management process? Select two answers.
- Catalog organizational assets
- Prepare defenses against threats (CORRECT)
- Assign a CVE® ID
- Identify vulnerabilities (CORRECT)
Vulnerability management is an in-house process that identifies vulnerabilities and puts defenses in place against them. Assigning CVE® IDs is a function of the CVE® program (MITRE and its numbering authorities), and cataloging assets belongs to asset management rather than to the vulnerability management process as defined here.
2. An organization is attacked through a vulnerability that was previously unknown. What is this exploit an example of?
- A cipher
- A zero-day (CORRECT)
- An asset
- A perimeter layer
A zero-day is a vulnerability, or an exploit for it, that is unknown to the software maker and the security community, so no patch exists yet and affected systems remain exposed to attacks against it.
3. Which layer of the defense in depth strategy is a user authentication layer that mainly filters external access?
- Perimeter (CORRECT)
- Data
- Network
- Endpoint
The perimeter layer holds the authentication technology that decides which users may enter the system or network at all, so only authenticated users reach what sits behind it. Perimeter security is the first line of defense.
4. A security researcher reports a new vulnerability to the CVE® list. Which of the following criteria must the vulnerability meet before it receives a CVE® ID? Select two answers.
- The vulnerability must be unknown to the developer.
- It must affect multiple applications.
- The submission must have supporting evidence. (CORRECT)
- It must be independently fixable. (CORRECT)
A vulnerability must be fixable independently of other issues and must be submitted with supporting evidence, so that it can be addressed and mitigated on its own. It need not be unknown to the developer, and it may affect only a single codebase rather than multiple applications.
5. Which of the following are steps in the vulnerability management process? Select three answers.
- Consider potential exploits (CORRECT)
- Identify vulnerabilities (CORRECT)
- Prepare defenses against threats (CORRECT)
- Conduct zero-day exploits
Vulnerability management entails four steps: identify vulnerabilities, consider potential exploits, prepare defenses against threats, and evaluate the effectiveness of those defenses. Conducting zero-day exploits is what attackers do, not a step in the process.
6. Which of the following is a layered approach to vulnerability management that reduces risk?
- Separation of duties
- OAuth
- Defense in depth (CORRECT)
- Asset management
Defense in depth manages risk through a layered approach. Assets are protected by multiple defenses, so that if one layer is breached, the remaining layers still protect the system.
7. Which of the following criteria need to be met before qualifying for a CVE® ID? Select three answers.
- Vulnerabilities must be submitted with supporting evidence. (CORRECT)
- Vulnerabilities must only affect one codebase. (CORRECT)
- Vulnerabilities must be recognized as a potential security risk. (CORRECT)
- Vulnerabilities must be exploited prior to reporting.
To be granted a CVE® ID, a vulnerability must affect a single codebase, be filed with supporting evidence, and be acknowledged as a probable security risk. It must also be independent of other issues so that each issue can be handled on its own. It does not need to have been exploited before it is reported.
TEST YOUR KNOWLEDGE: IDENTIFY SYSTEM VULNERABILITIES
1. Fill in the blank: A vulnerability ____ refers to the internal review process of an organization’s security systems.
- assessment (CORRECT)
- scanner
- patch
- scoring
A vulnerability assessment is an internal review process that evaluates an organization's security systems to identify weaknesses and potential vulnerabilities, so that risk can be mitigated and the overall security posture improved.
2. What are the goals of a vulnerability assessment? Select two answers.
- To identify existing weaknesses (CORRECT)
- To audit regulatory compliance
- To detect network traffic
- To reduce overall threat exposure (CORRECT)
The goal of a vulnerability assessment is to find weaknesses in existing security systems and reduce exposure to possible threats, thereby improving the organization's security posture.
3. Which of the following remediation examples might be implemented after a vulnerability scan? Select two answers.
- Locating vulnerabilities in workstations
- Installing software updates and patches (CORRECT)
- Identifying misconfigurations in an application
- Training employees to follow new security procedures (CORRECT)
Remediations after a vulnerability scan include installing software updates and patches, training employees to follow new security procedures, and tightening access controls to close the vulnerabilities that were found. Locating vulnerabilities on workstations and identifying misconfigurations in an application are the scan's findings, not remediations.
4. What are two types of vulnerability scans? Select two answers.
- Patch or upgrade
- Risk or threat
- Limited or comprehensive (CORRECT)
- Authenticated or unauthenticated (CORRECT)
Vulnerability scans are categorized as authenticated or unauthenticated and as limited or comprehensive. They are also divided into internal and external: internal scans assess the organization's network for vulnerabilities reachable from inside, while external scans focus on vulnerabilities visible from the outside world.
5. Which of the following steps may be part of a vulnerability assessment? Select three answers.
- Data encryption
- Risk assessment (CORRECT)
- Identification (CORRECT)
- Remediation (CORRECT)
A vulnerability assessment typically includes identification, vulnerability analysis, risk assessment, and remediation. The remediation stage addresses the vulnerabilities that were identified and analyzed with corrective actions that close off the associated risk. Data encryption is a control that might result from remediation, not a step of the assessment itself.
TEST YOUR KNOWLEDGE: CYBER ATTACKER MINDSET
1. What is the difference between an attack vector and an attack surface?
- An attack surface refers to all the weaknesses of an asset that can be attacked; an attack vector refers to an outdated and vulnerable network.
- An attack surface refers to the specific method of attack; an attack vector refers to an outdated and vulnerable network.
- An attack surface refers to the specific pathway of exploiting a weakness; an attack vector refers to all the weaknesses of an asset that can be exploited.
- An attack vector refers to the pathways attackers use to penetrate security defenses; an attack surface refers to all the vulnerabilities of an asset that can be exploited. (CORRECT)
Attack vectors are the pathways that threat actors use to breach security defenses, while the attack surface is the set of all vulnerable points in a system or network that a threat actor could exploit.
2. What are examples of security hardening? Select three answers.
- Hashing all user passwords (CORRECT)
- Restarting a crashed application
- Disabling unused network ports (CORRECT)
- Keeping systems patched and updated (CORRECT)
Disabling unused network ports, hashing all user passwords, and keeping systems patched and updated are all examples of security hardening, which is the strengthening of systems to remove or reduce vulnerabilities and defend against potential attacks. Restarting a crashed application restores availability but does not reduce any vulnerability.
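The password-hashing item in question 2 is worth seeing as code, since "hashing" in this context means a salted, slow, per-user key derivation rather than a bare hash. The following is an added example, not code from the course or from any product it describes: it shows the insecure plaintext store that hardening replaces and a PBKDF2-HMAC-SHA256 routine beside it. The record format, the user names and passwords, and the iteration count are this example's own choices (600,000 is the figure given in OWASP's Password Storage Cheat Sheet at the time of writing; treat it as an assumption and check current guidance).

```python
"""Added example: hashing stored passwords as a hardening measure.
Not part of the course material; record format and iteration count
are this example's own choices."""
import hashlib
import hmac
import os

# Work factor for PBKDF2-HMAC-SHA256. Assumption: 600_000 matches current
# OWASP guidance; raise it as hardware gets faster.
ITERATIONS = 600_000

# INSECURE: what an "unhashed" store looks like. A database dump leaks every
# credential directly, and reused passwords then compromise other sites.
PLAINTEXT_STORE = {"alice": "hunter2"}   # constructed sample data


def hash_password(password: str, iterations: int = ITERATIONS) -> str:
    """Return a self-describing record: algorithm$iterations$salt$digest (hex).

    A fresh random salt per password means two users with the same password
    get different records, and precomputed (rainbow) tables are useless.
    """
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${digest.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Recompute the digest with the salt and iteration count stored in the
    record and compare in constant time, so response timing does not leak
    how many bytes of the digest matched. Malformed records never verify."""
    try:
        algo, iterations, salt_hex, digest_hex = record.split("$")
        salt, expected = bytes.fromhex(salt_hex), bytes.fromhex(digest_hex)
        rounds = int(iterations)
    except ValueError:
        return False
    if algo != "pbkdf2_sha256" or rounds < 1:
        return False
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, rounds)
    return hmac.compare_digest(candidate, expected)


def migrate_store(plaintext_store: dict) -> dict:
    """Replace every plaintext password with its hashed record."""
    return {user: hash_password(pw) for user, pw in plaintext_store.items()}


if __name__ == "__main__":
    hashed = migrate_store(PLAINTEXT_STORE)
    print(hashed["alice"])
    print(verify_password("hunter2", hashed["alice"]))   # True
    print(verify_password("hunter3", hashed["alice"]))   # False
```

The iteration count lives inside each record, so the work factor can be raised later and old records re-hashed on the user's next successful login without a flag day.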
3. Which steps are applied when using an attacker mindset? Select three answers.
- Stay in communication with a target
- Determine how a target can be accessed (CORRECT)
- Evaluate a target’s attack vectors (CORRECT)
- Identify a target (CORRECT)
Adopting an attacker mindset means first identifying a target, then determining how the target can be accessed, and finally evaluating its attack vectors. This approach reveals the possible weaknesses in a given system and builds an understanding of how a threat actor might try to exploit them.
4. How can businesses reduce the number of attack vectors they must defend? Select three answers.
- By educating users so they can participate in preventing attacks (CORRECT)
- By controlling access and authorization to assets (CORRECT)
- By totally restricting information from being shared
- By implementing security controls that protect information (CORRECT)
Businesses reduce their attack vectors by controlling access and authorization to assets, implementing security controls that protect information, and educating users so that they actively take part in preventing attacks. Totally restricting information from being shared is not practical, since the business still has to operate.
5. Which of the following is an example of an organization’s digital attack surface?
- A disgruntled employee
- A restricted filing cabinet
- The organization’s website (CORRECT)
- The organization’s server room
An organization's website is part of its digital attack surface. The attack surface is all of the opportunities a threat actor could exploit; the digital attack surface includes the organization's websites, applications, and devices, plus any connection to its network that could allow infiltration by a malicious actor. The server room and the filing cabinet belong to the physical attack surface, and a disgruntled employee is a threat actor rather than a surface.
6. Fill in the blank: ____ refer to the pathways attackers use to penetrate security defenses.
- Vulnerability analyses
- Attack vectors (CORRECT)
- Vulnerability assessments
- Attack surfaces
Attack vectors are the specific pathways through which attackers can breach security defenses. By exploiting these vectors, threat actors take advantage of a vulnerability or exposure in a system or network.
MODULE 3 CHALLENGE
1. An application has broken access controls that fail to restrict any user from creating new accounts. This allows anyone to add new accounts with full admin privileges.
The application’s broken access controls are an example of what?
- A security control
- A threat
- An exploit
- A vulnerability (CORRECT)
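The broken access control in question 1 is easiest to recognize in code. The following is an added example, not code from the course: a vulnerable account-creation routine in which any caller can pick any role, beside a hardened version that validates the role, defaults self-registration to the least-privileged role, and only lets an authenticated admin create privileged accounts. The in-memory store, the role names, and the user names are constructed for illustration; the first admin is assumed to be created out of band at deployment.

```python
"""Added example: broken access control on account creation, vulnerable
form beside the hardened form. Not part of the course material; the
store, roles and names are constructed."""
from dataclasses import dataclass, field
from typing import Optional

ROLES = ("user", "admin")   # allow-list of valid roles (assumption)


@dataclass
class User:
    name: str
    role: str


@dataclass
class AccountService:
    users: dict = field(default_factory=dict)

    def create_account_vulnerable(self, name: str, role: str) -> User:
        """VULNERABLE: the flaw from question 1. Nothing checks who is
        calling or what role is requested, so an anonymous visitor can
        mint an account with full admin privileges."""
        user = User(name, role)
        self.users[name] = user
        return user

    def create_account(self, requester: Optional[User], name: str,
                       role: str = "user") -> User:
        """HARDENED: the authorization decision is made server-side from
        the caller's verified identity, never from request input alone."""
        if role not in ROLES:
            raise ValueError(f"unknown role {role!r}")
        if name in self.users:
            raise ValueError("account already exists")
        # Self-registration (no requester) may only create the least-
        # privileged role; elevated roles require an authenticated admin.
        if role != "user" and (requester is None or requester.role != "admin"):
            raise PermissionError("only an admin may create privileged accounts")
        user = User(name, role)
        self.users[name] = user
        return user


if __name__ == "__main__":
    svc = AccountService()
    print(svc.create_account_vulnerable("mallory", "admin"))   # admin minted by anyone
    svc = AccountService()
    print(svc.create_account(None, "bob"))                       # role defaults to "user"
    try:
        svc.create_account(None, "mallory", "admin")
    except PermissionError as err:
        print("refused:", err)
```

The fix is not a client-side check on the sign-up form; the role the caller asked for is untrusted input, and the server must decide from the requester's own identity what it is allowed to grant.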
2. What security strategy uses a layered approach to prevent attackers from gaining access to sensitive data?
- Defense in depth (CORRECT)
- Kerchoff’s principle
- Caesar’s cipher
- Triple DES (3DES)
3. What is the difference between the application and data layers of the defense in depth model?
- The data layer includes controls like encryption and hashing to secure data at rest. The application layer protects individual devices that are connected to a network.
- The data layer only allows employees to access information. The application layer secures information with controls that are programmed into the application itself.
- The application layer secures information with controls that are programmed into the application itself. The data layer maintains the integrity of information with controls like encryption and hashing. (CORRECT)
- The application layer maintains the integrity of information with controls like encryption and hashing. The data layer blocks network traffic from untrusted websites.
4. What is the main purpose of the CVE® list?
- To provide organizations with a framework for managing cybersecurity risk
- To share a standard way of identifying and categorizing known vulnerabilities and exposures (CORRECT)
- To create a dictionary of threats to organizational assets that must be addressed
- To keep a record of the coding mistakes of major software developers
5. What is the purpose of vulnerability management? Select three answers.
- To review an organization’s internal security systems (CORRECT)
- To identify exposures to internal and external threats (CORRECT)
- To track assets and the risks that affect them
- To uncover vulnerabilities and reduce their exploitation (CORRECT)
6. What is the main goal of performing a vulnerability assessment?
- To catalog assets that need to be protected
- To practice ethical hacking techniques
- To pass remediation responsibilities over to the IT department
- To identify weaknesses and prevent attacks (CORRECT)
7. Fill in the blank: All the potential vulnerabilities that a threat actor could exploit is called an attack _____.
- vector
- network
- surface (CORRECT)
- database
8. Fill in the blank: An attack _____ refers to the pathways attackers use to penetrate security defenses.
- vector (CORRECT)
- landscape
- vulnerability
- surface
9. What are ways to protect an organization from common attack vectors? Select three answers.
- By keeping software and systems updated (CORRECT)
- By not practicing an attacker mindset
- By educating employees about security vulnerabilities (CORRECT)
- By implementing effective password policies (CORRECT)
10. Consider the following scenario:
A cloud service provider has misconfigured a cloud drive. They’ve forgotten to change the default sharing permissions. This allows all of their customers to access any data that is stored on the drive.
This misconfigured cloud drive is an example of what?
- An exploit
- A security control
- A vulnerability (CORRECT)
- A threat
11. Why do organizations use the defense in depth model to protect information? Select two answers.
- Security teams can easily determine the “who, what, when, and how” of an attack.
- Each layer uses unique technologies that communicate with each other.
- Threats that penetrate one level can be contained in another. (CORRECT)
- Layered defenses reduce risk by addressing multiple vulnerabilities. (CORRECT)
12. An organization’s firewall is configured to allow traffic only from authorized IP addresses. Which layer of the defense in depth model is the firewall associated with?
- Endpoint
- Network (CORRECT)
- Data
- Application
13. Which of the following are criteria that a vulnerability must meet to qualify for a CVE® ID? Select all that apply.
- It must be independent of other issues. (CORRECT)
- It must pose a financial risk.
- It must be submitted with supporting evidence. (CORRECT)
- It must be recognized as a potential security risk. (CORRECT)
- It can only affect one codebase. (CORRECT)
14. A security team is preparing new workstations that will be installed in an office.
Which vulnerability management steps should they take to prepare these workstations? Select three answers.
- Consider who will be using each computer. (CORRECT)
- Configure the company firewall to allow network access. (CORRECT)
- Download the latest patches and updates for each system. (CORRECT)
- Install a suite of collaboration tools on each workstation.
15. What are the two types of attack surfaces that security professionals defend? Select two answers.
- Intellectual property
- Brand reputation
- Digital (CORRECT)
- Physical (CORRECT)
16. An online newspaper suffered a data breach. The attackers exploited a vulnerability in the login form of their website. The attackers were able to access the newspaper’s user database, which did not encrypt personally identifiable information (PII).
What attack vectors did the malicious hackers use to steal user information? Select two answers.
- The online login form (CORRECT)
- The user database
- The newspaper’s website (CORRECT)
- The unencrypted PII
17. A security team is performing a vulnerability assessment on a banking app that is about to be released. Their objective is to identify the tools and methods that an attacker might use.
Which steps of an attacker mindset should the team perform to figure this out? Select three answers.
- Determine how the target can be accessed. (CORRECT)
- Evaluate attack vectors that can be exploited. (CORRECT)
- Identify a target. (CORRECT)
- Consider potential threat actors.
18. Consider the following scenario:
You are working as a security professional for a school district. An application developer with the school district created an app that connects students to educational resources. You’ve been assigned to evaluate the security of the app.
Using an attacker mindset, which of the following steps would you take to evaluate the application? Select two answers.
- Evaluate how the app handles user data. (CORRECT)
- Identify the types of users who will interact with the app. (CORRECT)
- Ensure the app’s login form works.
- Integrate the app with existing educational resources.
19. What phase comes after identifying a target when practicing an attacker mindset?
- Evaluate the target’s attack vectors.
- Determine how the target can be accessed. (CORRECT)
- Find the tools and methods of attack.
- Prepare defenses against threats.
20. A hotel chain has outdated WiFi routers in their guest rooms. An attacker hacked into the devices and stole sensitive information from several guests.
The outdated WiFi router is an example of what?
- A threat
- An exploit
- A vulnerability (CORRECT)
- An access control
21. Fill in the blank: According to the CVE® list, a vulnerability with a score of _____ or above is considered to be a critical risk to company assets that should be addressed right away.
- 11
- 1
- 4
- 9 (CORRECT)
The score here is a CVSS base score, which the National Vulnerability Database publishes alongside CVE® entries; the CVE® list itself only identifies the vulnerability. In CVSS v3.x the Critical band runs from 9.0 to 10.0.
22. Which of the following are characteristics of the vulnerability management process? Select two answers.
- Vulnerability management is a way to limit security risks. (CORRECT)
- Vulnerability management should consider various perspectives. (CORRECT)
- Vulnerability management is a way to discover new assets.
- Vulnerability management should be a one-time process.
23. A security team is conducting a periodic vulnerability assessment on their security procedures. Their objective is to review gaps in their current procedures that could lead to a data breach. After identifying and analyzing current procedures, the team conducts a risk assessment.
What is the purpose of performing a risk assessment?
- To simulate attacks that could be performed against each vulnerability
- To score vulnerabilities based on their severity and impact (CORRECT)
- To adjust current security procedures
- To fix vulnerabilities that have been identified
24. Which of the following are types of attack surfaces? Select three answers.
- Cloud servers (CORRECT)
- Malicious software
- Network routers (CORRECT)
- Computer workstations (CORRECT)
25. What is not a step of practicing an attacker mindset?
- Evaluate attack vectors that can be exploited.
- Determine how a target can be accessed.
- Identify ways to fix existing vulnerabilities. (CORRECT)
- Find the tools and methods of attack.
26. Which layer of the defense in depth model relates to user devices that have accessed a network?
- Endpoint (CORRECT)
- Application
- Data
- Perimeter
27. Which of the following are reasons that security teams practice an attacker mindset? Select three answers.
- To exploit flaws in an application’s codebase
- To find insights into the best security controls to use (CORRECT)
- To uncover vulnerabilities that should be monitored (CORRECT)
- To identify attack vectors (CORRECT)
CONCLUSION – Vulnerabilities in Systems
In this module learners were taken through the entire vulnerability management process: the integrated practices of identifying, assessing, and mitigating vulnerabilities that strengthen an organization's cybersecurity. By adopting an attacker mindset and studying common vulnerabilities, they gained insight into the changing landscape of cyber threats. The group activities were complemented with real-life case studies and practical exercises alongside the theoretical material.
As a result of this immersive experience, participants now have a solid grasp of the strategies used to manage vulnerabilities and the analytical skills needed to secure organizational assets. The module fits naturally within the wider set of cybersecurity courses and gives those who wish to build a career in modern vulnerability management a meaningful foundation in the subject.