GCS 5-3: Assets-Vulnerabilities

0.0(0)
Studied by 0 people
call kaiCall Kai
Locked
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
GameKnowt Play
Card Sorting

1/172

flashcard set

Earn XP

Description and Tags

Google Cybersecurity Course 5 (Assets, Threats, and Vulnerabilities) Module 3 (Vulnerabilities in systems)

Last updated 9:47 PM on 6/25/26
Name
Mastery
Learn
Test
Matching
Spaced
Call with Kai
Chat

No analytics yet

Send a link to your students to track their progress

173 Terms

1
New cards

Vulnerability

A weakness that can be exploited by a threat.

2
New cards

can

A vulnerability is a weakness that ___ be exploited by a threat.

3
New cards

Exploit

A way of taking advantage of a vulnerability.

4
New cards

Vulnerability management

The process of finding and patching vulnerabilities.

5
New cards

Vulnerability management steps

  1. Identify vulnerabilities

  2. Consider potential exploits

  3. Prepare defenses against threats

  4. Evaluate those defenses

6
New cards

Identify vulnerabilities

The 1st step in the vulnerability management process.

7
New cards

Consider potential exploits

The 2nd step in the vulnerability management process.

8
New cards

Prepare defenses against threats

The 3rd step in the vulnerability management process.

9
New cards

Evaluate those defenses

The 4th step in the vulnerability management process.

10
New cards

Zero-day

An exploit that was previously unknown.

11
New cards

Continuous Integration, Continuous Delivery, Continuous Deployment

Aka CI/CD.

12
New cards

Continuous Integration

Aka CI.

13
New cards

CI

All about frequently merging code changes from different developers into a central location. This triggers automated processes like building the software and running tests. This tool catches problems through an automated process: every time code is integrated, the system automatically builds and tests it. This immediate feedback loop reveals integration problems as soon as they occur. This tool helps catch integration problems early, leading to higher quality code. Think of it as the foundation of the pipeline.

14
New cards

Continuous Delivery

Aka CD (Ready to Release)

15
New cards

CD (Ready to Release)

Means your code is always ready to be released to users. After passing automated tests, code is automatically deployed to a staging environment or prepared for final release. Typically, a manual approval step is still needed before going live to production, which provides a control point.

16
New cards

Continuous Deployment

Aka CD (Fully Automated Releases)

17
New cards

CD (Fully Automated Releases)

Automated the entire release process. Changes that pass all automated checks are automatically deployed directly to the live production environment, with no manual approval. This is all about speed and efficiency.

18
New cards

Dynamic Application Security Testing

Aka DAST.

19
New cards

DAST

Automated tests that find vulnerabilities in running applications in realistic staging environments.

20
New cards

Security Compliance Checks

Automated checks that ensure software meets your organization’s security rules and policies.

21
New cards

Infrastructure Security Validations

Checks that make sure the systems hosting your software are secure.

22
New cards

Why CI/CD Pipelines is Non-Negotiable

  • Secure Automation

  • Improved Code Quality Via Security Checks

  • Faster Time to Market for Security Updates

  • Enhanced Collaboration and Feedback with Safety Focus

  • Reduced Risk

23
New cards

Common Vulnerabilities and Exposures

Aka CVEs.

24
New cards

Common CI/CD Pipeline Vulnerabilities: What to Watch Out For

  • Insecure Dependencies: Risks from Third-Party Code

  • Misconfigured Permissions: Controlling Access

  • Lack of Automated Security Testing: Missing Critical Checks

  • Exposed Secrets: Protecting Sensitive Information

  • Unsecured Build Environments: Protecting the Pipeline Infrastructure

25
New cards

Insecure Dependencies

CI/CD pipelines often use many third-party libraries and components. If these components have known vulnerabilities, those vulnerabilities can be unknowingly added to your application during the automated build process.

26
New cards

Action Step for Insecure Dependencies

Regularly scan and update your dependencies. Make sure you’re using secure versions of all external components.

27
New cards

Misconfigured Permissions: Controlling Access

Weak access controls in CI/CD tools, code repositories, and related systems are a significant vulnerability. Unauthorized access can allow attackers to modify code, pipeline configurations, or inject malicious content.

28
New cards

Action Step for Misconfigured Permissions

Implement strong access management using Role-Based Access Control (RBAC). Ensure only authorized individuals can access and change critical pipeline elements.

29
New cards

Lack of Automated Security Testing: Missing Critical Checks

Failing to include automated security testing in your CI/CD pipeline is a serious error. Without tools like SAST and DAST, you are almost guaranteed to release software full of vulnerabilities that will go undetected until after it’s live, leading to significantly higher costs and effort to fix.

30
New cards

Action Step for Lack of Automated Security Testing

Integrate automated security testing (SAST and DAST) into your CI/CD pipeline. This should be a core part of your secure CI/CD strategy.

31
New cards

Exposed Secrets: Protecting Sensitive Information

Hardcoding sensitive data like API keys, passwords, and tokens directly into code or pipeline settings is a serious security mistake. If exposed, these secrets can lead to major security breaches.

32
New cards

Action Step for Exposed Secrets

Never hardcode secrets. Use secure vaults or dedicated secrets management tools to store and manage sensitive information. Enforce this practice across your team.

33
New cards

Unsecured Build Environments: Protecting the Pipeline Infrastructure

The CI/CD environment itself (the servers and systems that run your pipeline) needs to be secure. If this environment is vulnerable, attackers can compromise it to alter builds, inject malicious code, or steal sensitive data.

34
New cards

Action Step for Unsecured Build Environments

Hard your build environments. Use secure containers or virtual machines to minimize the risk of a compromised pipeline.

35
New cards

Best practices for CI/CD

  • Integrate Security from the Start: Embrace DevSecOps

  • Implement Strong Access Controls

  • Automate Security Testing Everywhere

  • Keep Dependencies Updated

  • Secure Secrets Management

36
New cards

Integrate Security from the Start: Embrace DevSecOps

Adopt a DevSecOps mindset. This means building security into every stage of development, from planning to deployment and beyond. This naturally includes embedding security checks into your CI/CD pipeline.

37
New cards

Implement Strong Access Controls

Use strict permission policies based on the principle of least privilege. Only grant necessary access to code, pipeline settings, and deployment configurations. Use tools like MFA and RBAC to secure your CI/CD environment.

38
New cards

Automate Security Testing Everywhere

Make automated security scans and tests a fundamental part of your build and deployment process. Tools like SAST, SCA, and CAST are not optional extras — they are essential for a secure CI/CD pipeline so you can catch vulnerabilities early.

39
New cards

Keep Dependencies Updated

Maintain a current inventory of all third-party dependencies, libraries, and CI/CD plugins. Regularly update these components to patch security vulnerabilities (CVEs). Tools like Dependabot and Snyk can automate dependency management.

40
New cards

Software Composition Analysis

Aka SCA.

41
New cards

Secure Secrets Management

Never hardcode sensitive information in your code or pipeline configurations. Require the use of dedicated secrets management tools like HashiCorp Vault or AWS Secrets Manager. Secure store, access, and rotate secrets throughout the CI/CD process.

42
New cards

Defense in depth

A layered approach to vulnerability management that reduces risk.

43
New cards

Defense in depth strategy

  1. Perimeter layer

  2. Network layer

  3. Endpoint layer

  4. Application layer

  5. Data layer

44
New cards

usernames and passwords

Part of the perimeter layer in defense in depth strategy

45
New cards

authorization and firewalls

Part of the network layer Defense in Depth strategy

46
New cards

devices like laptop, desktop, or server

Part of the endpoint layer in Defense in Depth strategy

47
New cards

MFA and other security measures programmed into applications

Part of the application layer in defense in depth strategy

48
New cards

PII and asset classification

Part of the Data Layer in the Defense in Depth strategy

49
New cards

Exposure

A mistake that can be exploited by a threat.

50
New cards

Common Vulnerabilities and Exposures list

Aka CVE list

51
New cards

CVE list

An openly accessible dictionary of known vulnerabilities and exposures.

52
New cards

MITRE

A collection of non-profit research and development centers sponsored by the US government.

53
New cards

1999

What year was the CVE list created?

54
New cards

MITRE

Who created the CVE list?

55
New cards

CVE Numbering Authority

Aka CNA.

56
New cards

CNA

An organization that volunteers to analyze and distribute information on eligible CVEs

57
New cards

CVE list criteria

  1. Independent of other issues

  2. Recognized as a potential security risk

  3. Submitted with supporting evidence

  4. Only affect one codebase

58
New cards

NIST National Vulnerabilities Database

An organization that tests CVEs to reveal how significant the flaws are and to determine what kind of threat they pose.

59
New cards

Common Vulnerability Scoring System

Aka CVSS

60
New cards

CVSS

A measurement system that scores the severity of the vulnerability

61
New cards

< 4.0

What CVSS score is considered low risk?

62
New cards

> 9.0

What CVSS score is considered critical risk?

63
New cards

Open Worldwide Application Security Project

Aka OWASP

64
New cards

Open Web Application Security Project

Previous name for OWASP

65
New cards

OWASP

A nonprofit foundation that works to improve the security of software. OWASP is an open platform that security professionals from around the world use to share information, tools, and events that are focused on security the web.

66
New cards

OWASP Top 10

Updated every few years as technologies evolve. Rankings are based on how often the vulnerabilities are discovered and the level of risk they present.

67
New cards

OWASP Top 10

Audits use the ____ ___ __ as one point of reference when checking for regulatory compliance.

68
New cards

Broken access control

One of the OWASP Top 10. Access controls limit what users can do in a web application. For example, a blow might allow visitors to post comments on a recent article but restricts them from deleting the article entirely. Failures in these mechanisms can lead to unauthorized information disclosure, modification, or destruction. They can also give someone unauthorized access to other business applications.C

69
New cards

Cryptographic failures

One of the OWASP Top 10. Information is one of the most important assets businesses need to protect. Privacy laws such as GDPR require sensitive data to be protected by effective encryption methods. Vulnerabilities can occur when businesses fail to encrypt things like PII. For example, if a web application uses a weak hashing algorithm, like MD5, it’s more at risk of suffering a data breach.

70
New cards

General Data Protection Regulation

Aka GDPR.

71
New cards

Personally identifiable information

Aka PII.

72
New cards

Injection

One of the OWASP Top 10. Occurs when malicious code is inserted into a vulnerable application. Although the app appears to work normally, it does things that it wasn’t intended to do. These attacks can give threat actors a backdoor into an organization’s information system. A common target is a website’s login form. When these forms are vulnerable to injection, attackers can insert malicious code that gives them access to modify or steal user credentials.

73
New cards

Insecure design

One of the OWASP Top 10. Applications should be designed in such a way that makes them resilient to attack. When they aren’t, they’re much more vulnerable to threats like injection attacks or malware infections. Insecure design refers to a wide range of missing or poorly implemented security controls that should have been programmed into an application when it was being developed.

74
New cards

Security misconfiguration

One of the OWASP Top 10. Misconfigurations occur when security settings aren’t properly set or maintained. Companies use a variety of different interconnected systems. Mistakes often happen when those systems aren’t properly set up or audited. A common example is when businesses deploy equipment, like a network server, using default settings. This can lead businesses to use settings that fial to address the organization’s security objectives.

75
New cards

Vulnerable and outdated components

One of the OWASP Top 10. A category that mainly relates to application development. Instead of coding everything from scratch, most developers use open-source libraries to complete their projects faster and easier. This publicly available software is maintained by communities of programmers on a volunteer basis. Applications that use vulnerable components that have not been maintained are at greater risk of being exploited by threat actors.

76
New cards

Identification and authentication failures

One of the OWASP Top 10. Identification is the keyword in this vulnerability category. When applications fail to recognize who should have access and what they’re authorized to do, it can lead to serious problems. For example, a home Wi-Fi router normally uses a simple login form to keep unwanted guests off the network. If this defense fails, an attacker can invade the homeowner’s privacy.

77
New cards

Software and data integrity failures

One of the OWASP Top 10. Software and data integrity failures are instances when updates or patches are inadequately reviewed before implementation. Attackers might exploit these weaknesses to deliver malicious software. When that occurs, there can be serious downstream effects. Third parties are likely to become infected if a single system is compromised, an event known as a supply chain attack.

78
New cards

SolarWinds cyber attack 2020

A famous example of a supply chain attack

79
New cards

SolarWinds attack details

Event where hackers famously injected malicious code into software updates that the company unknowingly released to their customers.

80
New cards

Security loging and monitoring failures

One of the OWASP Top 10. In security, it’s important to be able to log and trace back events. Having a record of events like user login attempts is critical to finding and fixing problems. Sufficient monitoring and incident response is equally important.

81
New cards

Service-side request forgery

One of the OWASP Top 10. Companies have public and private information stored on web servers. When you use a hyperlink or click a button on a website, a request is sent to a server that should validate who you are, fetch the appropriate data, and then return it to you.

82
New cards

Server-side request forgery

Aka SSRF

83
New cards

SSRF

When attackers manipulate the normal operations of a server to read or update other resources on the server. These are possible when an application on the server is vulnerable. Malicious code can be carried by the vulnerable app to the host server that will fetch unauthorized data.

84
New cards

open-source intelligence

Aka OSINT.

85
New cards

OSINT

The collection and analysis of information from publicly available sources to generate usable intelligence. It’s commonly used to support cybersecurity activities, like identifying potential threats and vulnerabilities.

86
New cards

Information

Refers to the collection of raw data or facts about a specific subject.

87
New cards

Intelligence

Refers to the analysis of information to produce knowledge or insights that can be used to support decision-making.

88
New cards

Information security

Aka InfoSec.

89
New cards

OSING Tools

  • VirusTotal

  • MITRE ATT&CK

  • OSINT Framework

  • Have I been Pwned

90
New cards

VirusTotal

A service that allows anyone to analyze suspicious files, domains, URLs, and IP addresses for malicious content.

91
New cards

MITRE ATT&CK

A knowledge base of adversary tactics and techniques based on real-world observations.

92
New cards

OSINT Framework

A web-based interface where you can find OSINT tools for almost any kind of source or platform.

93
New cards

Have I been Pwned

A tool that can be used to search for breached email accounts.

94
New cards

Vulnerability assessment

The internal review process of organization’s security systems

95
New cards

Vulnerability assessment process

  1. Identification

  2. Vulnerability analysis

  3. Risk assessment

  4. Remediation

96
New cards

Identification

The first step in the Vulnerability Assessment Process. The goal is to understand the current state of a security system.

97
New cards

Vulnerability analysis

The second step in the Vulnerability Assessment Process. Each of the vulnerabilities that were identified are tested.

98
New cards

Risk assessment

The third step in the Vulnerability Assessment Process. A score is assigned to each vulnerability. This score is assigned based on two factors: how severe the impact would be if the vulnerability were to be exploited and the likelihood of this happening. Vulnerabilities uncovered during the first two steps of this process often outnumber the people available to fix them. Risk assessments are a way of prioritizing resources to handle the vulnerabilities that need to be addressed based on their score.

99
New cards

Remediation

The fourth step in the Vulnerability Assessment Process. The vulnerabilities that can impact the organization are addressed. This step occurs depending on the severity score assigned during the risk assessment step. This part of the process is normally a joint effort between the security staff and IT teams to come up with the best approach to fixing the vulnerabilities that were uncovered earlier.

100
New cards

Vulnerability scanner

Software that automatically compares known vulnerabilities and exposures against the technologies on the network. In general, these tools scan systems to find misconfigurations or programming flaws.