site_logo

Previous Next


  1. Security+ Practice Tests
  2. Security+ Cram Notes
  3. Network+ Practice Tests

Systems and Security : Attacks, Threats, and Vulnerabilities

1.5 Techniques used in security assessments

There are several techniques used in security assessments, some of the most common include:

1. Vulnerability scanning: This involves using automated tools to identify potential security weaknesses in an IT environment.

2. Penetration testing: This is a simulated attack on a system or network that is performed with permission, with the goal of identifying vulnerabilities and measuring the effectiveness of existing security measures.

3. Social engineering: This is a tactic that exploits human emotions, such as trust or fear, to obtain sensitive information or gain unauthorized access to systems.

4. Configuration review: This is an examination of the configuration settings and security policies of a system, network, or application to ensure they are properly secured.

5. Log analysis: This involves analyzing logs generated by systems and applications to identify any suspicious or unusual activity.

6. Risk assessment: This is a systematic evaluation of the likelihood and impact of security threats to an organization, and the identification of measures to mitigate or manage these risks.

7. Application security testing: This involves testing the security of individual applications, including web applications, to identify vulnerabilities and to ensure that they are properly secured.

Threat hunting

1. Intelligence fusion
2. Threat feeds
3. Advisories and bulletins
4. Maneuver

Threat hunting is a proactive cybersecurity technique aimed at detecting and responding to advanced and persistent threats that may have evaded traditional security measures. It involves collecting, analyzing, and combining various security-related data sources, such as threat feeds, advisories, bulletins, and other intelligence, to identify potential security incidents. The goal of threat hunting is to identify signs of malicious activity or security breaches early on and take corrective action before the attacker can cause significant harm. It is often part of an overall security strategy that includes incident response, risk management, and security operations.

Vulnerability scans

1. False positives
2. False negatives
3. Log reviews
4. Credentialed vs. non-credentialed
5. Intrusive vs. non-intrusive
6. Application
7. Web application
8. Network
9. Common Vulnerabilities and Exposures (CVE)/Common Vulnerability Scoring System (CVSS)
10. Configuration review

1. False positives: A vulnerability scan result that indicates a vulnerability exists in a system, when in reality there is no vulnerability.

2. False negatives: A vulnerability scan result that indicates there is no vulnerability in a system, when in reality a vulnerability does exist.

3. Log reviews: Analysis of system and application logs for signs of security incidents and indicators of compromise.

4. Credentialed vs. non-credentialed: Credentialed scans are performed with the use of valid login credentials, giving the scanner access to the system's inner workings. Non-credentialed scans are performed without valid login credentials and are limited to the information that is accessible from the exterior of the system.

5. Intrusive vs. non-intrusive: Intrusive scans actively probe systems for vulnerabilities and may disrupt normal operations. Non-intrusive scans rely on passive techniques and do not disrupt normal operations.

6. Application scan: A type of vulnerability scan focused on identifying vulnerabilities in applications.

7. Web application scan: A type of vulnerability scan focused on identifying vulnerabilities in web-based applications.

8. Network scan: A type of vulnerability scan focused on identifying vulnerabilities in a network infrastructure.

9. Common Vulnerabilities and Exposures (CVE)/Common Vulnerability Scoring System (CVSS): A database of publicly disclosed vulnerabilities, along with a standardized method of scoring and rating the severity of each vulnerability.

10. Configuration review: A security assessment that focuses on the configuration of systems and applications to identify misconfigurations and vulnerabilities.

Previous Next




simulationexams.com ad

certexams.com ad