Ann, a security analyst, is preparing for an upcoming security audit. To ensure that she identifies
unapplied security controls and patches without attacking or compromising the system, Ann would use
which of the following?
A.
Vulnerability scanning
B.
SQL injection
C.
Penetration testing
D.
Antivirus update
Explanation:
A vulnerability scan is the process of scanning the network and/or I.T. infrastructure for threats and
vulnerabilities. The threats and vulnerabilities are then evaluated in a risk assessment and the necessary
actions taken to resolve and vulnerabilities. A vulnerability scan scans for known weaknesses such as
missing patches or security updates.
A vulnerability scan is the automated process of proactively identifying security vulnerabilities of
computing systems in a network in order to determine if and where a system can be exploited and/or
threatened. While public servers are important for communication and data transfer over the Internet,
they open the door to potential security breaches by threat agents, such as malicious hackers.
Vulnerability scanning employs software that seeks out security flaws based on a database of known
flaws, testing systems for the occurrence of these flaws and generating a report of the findings that an
individual or an enterprise can use to tighten the network’s security.
Incorrect Answers:
B: SQL injection is a code injection technique, used to attack data-driven applications, in which malicious
SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the
attacker). SQL injection must exploit a security vulnerability in an application’s software, for example,
when user input is either incorrectly filtered for string literal escape characters embedded in SQL
statements or user input is not strongly typed and unexpectedly executed. SQL injection is mostly known
as an attack vector for websites but can be used to attack any type of SQL database.SQL injection is not a method used to test for unapplied security controls and patches.
C: Penetration testing evaluates an organization’s ability to protect its networks, applications, computers
and users from attempts to circumvent its security controls to gain unauthorized or privileged access to
protected assets.
The difference between a vulnerability scan and a penetration test is that by performing a penetration
test, you are actually trying to access a system by exploiting a weakness in the system. This question
states that you need to test for unapplied security controls and patches without attacking or
compromising the system.
D: An antivirus update is the process of updating the virus definition files used by antivirus software. It is
not used to test for unapplied security controls and patches.http://www.webopedia.com/TERM/V/vulnerability_scanning.html
http://en.wikipedia.org/wiki/SQL_injection