CSOC Vulnerability Assessment

Question 1

What is the difference between a vulnerability assessment and a penetration test?

Accepted Answer

A vulnerability assessment identifies and reports vulnerabilities without exploiting them; a penetration test actively exploits vulnerabilities to demonstrate real-world impact

Answer

A vulnerability assessment is conducted by internal staff; a penetration test must be conducted by external consultants

Answer

A vulnerability assessment is always automated; a penetration test is always manual

Answer

There is no meaningful difference — both are different names for the same security testing process

Question 2

What is the Common Vulnerability Scoring System (CVSS) used for?

Accepted Answer

To provide a standardised numerical score indicating the severity of a cybersecurity vulnerability

Answer

To classify vulnerabilities by the type of system they affect

Answer

To track the number of vulnerabilities found in a specific software product over time

Answer

To certify that a vulnerability assessment was conducted to an acceptable standard

Question 3

What does a vulnerability scanner do in a cybersecurity context?

Accepted Answer

It automatically scans systems and networks to identify known vulnerabilities, misconfigurations, and security weaknesses

Answer

It monitors network traffic in real time to detect active attacks

Answer

It patches identified vulnerabilities automatically without human intervention

Answer

It tests the physical security of server rooms and network infrastructure

Question 4

What is 'attack surface' in cybersecurity and why is reducing it important?

Accepted Answer

The sum of all points where an attacker can try to enter or extract data from a system; reducing it limits the opportunities available to attackers

Answer

The physical area within which a cyber attack can be launched against a facility

Answer

The total cost of a cyber attack, including recovery expenses

Answer

The range of IP addresses that a system is accessible from on the internet

Question 5

What is the primary purpose of a vulnerability management programme?

Accepted Answer

To systematically identify, prioritise, remediate, and verify fixes for security vulnerabilities across an organisation's IT assets on a continuous basis

Answer

To document all vulnerabilities discovered in a system without necessarily fixing them

Answer

To conduct annual penetration tests and report findings to senior management

Answer

To ensure all software products used in the organisation are licensed and updated automatically

Question 6

What does it mean when a vulnerability is described as 'actively exploited in the wild'?

Accepted Answer

Attackers are currently using the vulnerability to compromise real systems and organisations

Answer

The vulnerability was discovered during an actual penetration test in a real environment

Answer

The vulnerability has been publicly disclosed but not yet used in any attacks

Answer

The vulnerability exists in nature-related industries such as environmental monitoring