Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the ultimate-blocks domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/margheri/public_html/wp-includes/functions.php on line 6121

Notice: _load_textdomain_just_in_time işlevi yanlış çağrıldı. Translation loading for the perfect-portfolio domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Ayrıntılı bilgi almak için lütfen WordPress hata ayıklama bölümüne bakın. (Bu ileti 6.7.0 sürümünde eklendi.) in /home/margheri/public_html/wp-includes/functions.php on line 6121
Tryhackme: Vulnerability Management Writeup - Aleyna Doğan

Tryhackme: Vulnerability Management Writeup

The Room: “Learn how to identify, detect, mitigate and report a vulnerability effectively.”

https://tryhackme.com/room/vulnerabilitymanagementkj

Task 2: Vulnerability Management vs Vulnerability Scanning

2.1. The process encompassing vulnerability scanning and other factors, such as risk acceptance, is called?

vulnerability management

2.2. Is the overall objective of vulnerability management to increase an organisation’s risk exposure? (yea/nay)

nay

Task 3: Vulnerability Classification

3.1. What is the CVSS for CVE-2013-1048?

4.6

3.2. What is the Access Complexity for CVE-2013-1048?

low

3.3. With the fictional CVE-2023-2022, what would the CVE ID assign year be?

2023

Task 4: Vulnerability Management Life Cycle – Discover & Prioritise

4.2. After scanning, what is the total number of medium-level vulnerabilities?

1

4.3. What is the severity score for the vulnerability “ICMP Timestamp Reply Information Disclosure”?

2.1

4.4. What is the operating system and the version number of the target machine?

Ubuntu 20.04

Task 5: Vulnerability Management Life Cycle – Assess & Report

5.1. Download the LinuxAppTask report in PDF format. What is the severity rating of the vulnerability in the report, where the solution type is “Workaround”?

Medium

5.2. What is the solution type for the “TCP timestamps” vulnerability?

Mitigation

5.3. What is the CVE for “ICMP Timestamp Reply Information Disclosure”?

CVE-1999-0524

Task 6: Vulnerability Management Life Cycle – Remediate & Verify

6.2. As a Security Engineer, the priority of a remediation ticket for a critical vulnerability must be (high/medium/low)?

high

Task 7: Vulnerability Management Framework

7.1. The process of listing vulnerabilities as per their order of priority is called?

Prioritise Vulnerabilities

7.2. Which phase entails updating and strengthening resilience plans and restoring any compromised capabilities or services caused by a cybersecurity event?

Recover

Bir yanıt yazın

E-posta adresiniz yayınlanmayacak. Gerekli alanlar * ile işaretlenmişlerdir