Vulnerability Scanning Concepts
Passively Test Security Controls
Security testing that does not involve any direct interaction with the targets, such as sending packets to a target. -NIST.gov
Define Vulnerability
Weakness in an information system, system security procedures, internal controls, or implementation that could be exploited or triggered by a threat source. -NIST.gov
Define Lack of Security Controls
The lack of adequate security controls represents a vulnerability, exposing sensitive information and data to the risk of malicious damage, attack or unauthorized access by hackers, resulting in loss of sensitive information, which could lead to the loss of goodwill for the organization. -proprofs.com
Define Common Misconfigurations
Some common security misconfigurations include: unpatched systems; using default account credentials (i.e., usernames and passwords); unprotected files and directories. -infosecinstitute.com
Define Intrusive
Intrusive scanning actually tries to exploit the vulnerabilities the scanner is looking for. -itprotoday.com
Define Non-Intrusive
Nonintrusive methods generally include a simple scan of the target system's attributes (e.g., inspecting the file system for specific files or file versions, checking the registry for specific values, scanning for missing security updates, port scanning to discover which services are listening). -itprotoday.com
Define Credentialed
Credentialed scans, which make use of the admin account, do a more thorough check by looking for problems that cannot be seen from the network. -sisainfosec.com
Define Non-Credentialed
Non-credentialed scans provide a quick view of vulnerabilities by only looking at network services exposed by the host. -sisainfosec.com
Define False Positive
An alert that incorrectly indicates that a vulnerability is present. -NIST.gov