sec+ chapter 16

20 Terms

1

A company discovers that a vulnerability in their web application has been exposed and posted on an information-sharing organization's website. What type of threat intelligence does this represent?

Open-source intelligence (OSINT).

2

A company with high risk tolerance is MOST likely to take which of the following approaches to a newly discovered but non-critical vulnerability?

Delay remediation and monitor the vulnerability.

3

A cybersecurity analyst performs a routine scan on the network and finds an unexpected open port on a server. Which of the following is the FIRST step in confirming this finding?

Re-run the vulnerability scan to ensure the result was not a false positive.

4

After deploying a security patch, which of the following is the BEST way to validate that the vulnerability has been effectively remediated?

Rescan the system to confirm the patch application.

5

After patching a server, a security administrator should perform which of the following to ensure the patch was applied correctly?

Rescanning.

6

A security analyst is prioritizing vulnerabilities for remediation. Which of the following factors should be considered?

The CVSS score of the vulnerabilities.

7

A security analyst receives alerts from an open-source intelligence (OSINT) service about a potential vulnerability in the company’s web server software. Which of the following should be the FIRST action?

Confirm the vulnerability.

8

During a penetration test, a tester identifies a vulnerability but cannot exploit it due to security controls in place. This situation illustrates which of the following concepts?

Compensating controls.

9

If an organization wants to evaluate the potential environmental impact of a vulnerability, which of the following should it consider?

The broader context, such as network architecture and external dependencies.

10

In the context of vulnerability management, what is the primary benefit of a bug bounty program?

It encourages responsible disclosure of vulnerabilities.

11

In vulnerability management, the term 'exposure factor' is BEST described as which of the following?

The percentage of loss a resource would suffer from a vulnerability exploit.

12

What is a common method for confirming whether a vulnerability scan has produced a false negative (missed a vulnerability that actually exists)?

Attempting to exploit the suspected vulnerability in a controlled environment (penetration testing).

13

What is the purpose of conducting a system/process audit in vulnerability management?

To check compliance with security policies and identify any deviations.

14

What is the purpose of performing a dynamic analysis on an application?

To monitor the application in a running state to identify potential security issues.

15

What is the role of vulnerability classification in vulnerability management?

To determine the impact level of vulnerabilities on different systems.

16

When a security researcher discloses a vulnerability to the public after the vendor has failed to address it within a reasonable timeframe, this is known as:

Full disclosure.

17

When managing vulnerabilities, what is the purpose of using the Common Vulnerability Scoring System (CVSS)?

To provide a quantitative measure of the severity of identified vulnerabilities.

18

Which of the following best describes the use of a threat feed in vulnerability management?

A stream of data about potential threats, aggregated from sources such as OSINT and dark-web monitoring.

19

Which of the following is a vulnerability response that might be used if patching is not immediately possible?

Implementing compensating controls.

20

Which vulnerability identification method involves analyzing the source code of an application without executing it?

Static analysis.