As stated in Chapter 19,  “A number of Organizations are involved in maintaining network vulnerability resources not dissimilar from virus and malware resources” (Brooks, Grow, Craig, & Short, 2018).
Mr Scott would like you to research the MITRE databases.  MITRE hosts three databases that you can use as a security professional to help research vulnerabilities, Attack Patterns, and Common Weakness in software and hardware. Here are the databases:

Common Vulnerabilities and Exposures (CVE) list is a publicly available list that you can search (https://cve.mitre.org/cve/search_cve_list.html (Links to an external site.)). 
Common Attack Pattern Enumeration and Classification (CAPEC) https://capec.mitre.org/index.html (Links to an external site.)
Common Weakness enumeration https://cwe.mitre.org/index.html (Links to an external site.)

For each of the databases, find two or three examples and write a short summary of what you find.  There is a lot of technical information in these databases. Do not get discouraged.  I want to familiarize you with these tools that you can use in the future. Do some research on any terms you are unfamiliar with and include it in your report.  You will never know when you will be asked to use these in the future.

Published by
Write
View all posts