Vulnerability Management

• The process encompassing vulnerability scanning and other factors, such as risk acceptance, is called?

vulnerability management

• Is the overall objective of vulnerability management to increase an organisation's risk exposure? (yea/nay)

nay

• What is the CVSS for CVE-2013-1048?

4.6

• What is the Access Complexity for CVE-2013-1048?

low

• With the fictional CVE-2023-2022, what would the CVE ID assign year be?

2023

• After scanning, what is the total number of medium-level vulnerabilities?

1

• What is the severity score for the vulnerability "ICMP Timestamp Reply Information Disclosure"?

2.1

• What is the operating system and the version number of the target machine?

Ubuntu 20.04

• Download the LinuxAppTask report in PDF format. What is the severity rating of the vulnerability in the report, where the solution type is "Workaround"?

Medium

• What is the solution type for the "TCP timestamps" vulnerability?

Mitigation

• What is the CVE for "ICMP Timestamp Reply Information Disclosure"?

CVE-1999-0524

• As a Security Engineer, the priority of a remediation ticket for a critical vulnerability must be (high/medium/low)?  

high

• The process of listing vulnerabilities as per their order of priority is called?

Prioritise Vulnerabilities

• Which phase entails updating and strengthening resilience plans and restoring any compromised capabilities or services caused by a cybersecurity event?

Recover