CyberOps Chap23

In profiling a server, what defines what an application is allowed to do or run on a server?

Which metric class in the CVSS Basic Metric Group identifies the impacts on confidentiality, integrity, and availability?

When establishing a server profile for an organization, which element describes the type of service that an application is allowed to run on the server?

What are the steps in the vulnerability management life cycle?

Which security management function is concerned with the inventory and control of hardware and software configurations of systems?

In addressing an identified risk, which strategy aims to decrease the risk by taking measures to reduce vulnerability?

Which step in the Vulnerability Management Life Cycle performs inventory of all assets across the network and identifies host details, including operating system and open services?

Which security management function is concerned with the implementation of systems that track the location and configuration of networked devices and software across an enterprise?

Which class of metric in the CVSS Base Metric Group defines the features of the exploit such as the vector, complexity, and user interaction required by the exploit?