
CompTIA Security+ (SY0-601): Vulnerability Management

Information Technology | 14 Cards | Created about 2 months ago

This topic covers the structured approaches to identifying and validating system vulnerabilities through vulnerability assessments and penetration testing. It includes key concepts such as defining security baselines, using tools like Metasploit, and understanding attacker techniques like pivoting and maintaining persistence within a compromised environment.

Vulnerability Assessment Methodology

  1. Define the desired state of security

  2. Create a baseline

  3. Prioritize the vulnerabilities

  4. Mitigate vulnerabilities

  5. Monitor the network and systems



Penetration Testing Methodology

Penetration tests look at a network’s vulnerabilities from the outside
Metasploit and CANVAS are commonly used

1) Get permission and document info
2) Conduct reconnaissance
3) Enumerate the targets
4) Exploit the targets
5) Document the results

Penetration Testing: Pivot & Persistence

Pivot:
Occurs when an attacker moves onto another workstation or user account

Persistence:
Ability of an attacker to maintain a foothold inside the compromised network

TTX

Tabletop Exercise:
Exercise that uses an incident scenario against a framework of controls or a red team

A tabletop exercise is a discussion of simulated emergency situations and security incidents

Pentest Teams

Red Team
The hostile or attacking team in a penetration test or incident response exercise

Blue Team
The defensive team in a penetration test or incident response exercise

White Team
Staff administering, evaluating, and supervising a penetration test or incident response exercise

Purple Team
Defense and offense work together

OVAL

Open Vulnerability & Assessment Language:
A standard designed to regulate the transfer of secure public information across networks and the Internet utilizing any security tools and services available

OVAL is comprised of a language and an interpreter

A shared standard & language for various tools to share vulnerability info

Language is an XML schema

OVAL Interpreter

A reference developed to ensure the information passed around by these programs complies with the OVAL schemas and definitions used by the OVAL language

Network Mapping

Discovery and documentation of physical and logical connectivity that exists in the network

Commercial and free network mapping software is available

Vulnerability Scanning: Banner Grabbing

A technique used to gain information about servers and inventory the systems or services

Nessus and QualysGuard are commercial vulnerability scanners

Network Sniffing

The process of finding and investigating other computers on the network by analyzing the network traffic or capturing the packets being sent

Network sniffers, packet sniffers, and protocol analyzers can all conduct packet capture

Protocol Analyzer

Software tool that allows for the capture, reassembly, and analysis of packets from the network


Cryptanalysis Attack

Comparing a precomputed encrypted password to a value in a lookup table

Rainbow Table

List of precomputed values used to more quickly break a password since values don’t have to be calculated for each password being guessed

Rubber Hose Attack

Attempt to crack a password by threatening or causing a person physical harm in order to make them tell you the password