39. Understanding Security Vulnerabilities and Zero-Day Attacks

To improve the user interface

To close security holes and prevent attacks

To enhance the speed of the system

To add new features

Managers and analysts

Researchers and attackers

Developers and designers

Users and testers

An attack that targets only outdated software

An attack that exploits a vulnerability before a patch is available

An attack that is launched by internal employees

An attack that occurs on the first day of the month

To report it to the vendor

To create attack code and exploit it

To improve the software

To share it with the community

Because the system has too many users

Because the system is not connected to the internet

Because the vulnerability is unknown to the vendor

Because the system is too old

On social media

On the Common Vulnerabilities and Exposures (CVE) website

In the local newspaper

On the company's internal portal

Denial of service

SQL injection

Memory corruption and sandbox escape

Phishing attack

Unauthorized access to user data

Self-signed code running during the UEFI boot process

Network intrusion

Malware installation

Disclosure of sensitive information

Phishing attack

Sandbox escape

Arbitrary code execution

To improve the user experience

To reduce software costs

To prevent exploits being used in the wild

To increase their market share