Lab Assessment Questions & Answers
1. Based on your research, what are the first steps that an organization should follow after it has identified a known vulnerability?
Once a vulnerability is discovered in a production system, the company should notify all users of the application, giving full details, and the organization should act promptly to address the vulnerability and have a patch available as soon as possible.
2. When categorizing vulnerabilities for a report that enumerates them, what model should an auditor use?
In this type of report, the auditor will use the confidentiality, integrity, and availability (CIA) model to properly classify each of the reported vulnerabilities.
3. What is the standard formula used to rank potential threats?
Risk = Damage x Chance.
4. What is the importance of having a security-incident response plan in an organization?
A security-incident response plan is vital in an organization because it makes it possible to gauge the degree of any system compromise, identify where the failure and breach occurred, determine what can be done to fix the instance of the problem, and determine what can be done to keep it from happening again in the future.
5. How could the findings from the skipfish and RATS scans be categorized and presented in an assessment report?
6. What pertinent information should an auditor include in an assessment report?
An auditor should include a section for informational findings, which do not indicate an actual vulnerability but which could be used in a malicious way.
7. Which vulnerabilities from the skipfish report did you include in your Lab Report file? Why?