4.3 Explain various activities associated with vulnerability management

0.0(0)
studied byStudied by 0 people
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
Card Sorting

1/4

flashcard set

Earn XP

Description and Tags

OSINT

CVSS

CVE

identification methods

analysis

validation of remediation

Study Analytics
Name
Mastery
Learn
Test
Matching
Spaced

No study sessions yet.

5 Terms

1
New cards

What is fuzzing?

This is a term used to describe “dynamic analysis”. It is a way to randomly enter input into an application to see how that application handles it. It is mostly looking for crashes, exceptions or other error messages.

2
New cards

What does OSINT stand for?

This stands for Open-source intelligence. This is open-source information that is publicly available to anyone. This could include commercial data, government data or other information.

3
New cards

What is a bug bounty program?

This is a way for manufactures to rewards users for discovering a bug in their product and bringing it up to their attention before an attacker finds it. The manufacture will then reward them for it.

4
New cards

What does CVSS stand for and what is the purpose of this?

CVSS stands for Common Vulnerability Scoring System. Scoring can change over time and is used to determine the importance of a vulnerability with 0 being the lowest and 10 being the highest.

5
New cards

What does CVE stand for and what is the purpose of this?

CVE stands for Common Vulnerabilities and Exposures. This is a way for vulnerabilities to be cross-referenced online.