Review Questions
-
1. Tom is reviewing a vulnerability scan report and finds that one of the servers on his network suffers from an internal IP address disclosure vulnerability. What protocol is likely in use on this network that resulted in this vulnerability?
- TLS
- NAT
- SSH
- VPN
-
2. Which one of the CVSS metrics would contain information about the number of times that an attacker must successfully authenticate to execute an attack?
- AV
- C
- Au
- AC
-
3. Which one of the following values for the CVSS access complexity metric would indicate that the specified attack is simplest to exploit?
- High
- Medium
- Low
- Severe
-
4. Which one of the following values for the confidentiality, integrity, or availability CVSS metric would indicate the potential for total compromise of a system?
- N
- A
- P
- C
-
5. What is the most recent version of CVSS that is currently available?
- 1.0
- 2.0
- 2.5
- 3.0
-
6. Which one of the following metrics is not included in the calculation of the CVSS exploitability score...