CpS 391 Quiz 2

¡Supera tus tareas y exámenes ahora con Quizwiz!

Which of the following is a characteristic of a vulnerability scan that is not a characteristic of a penetration test?

A vulnerability scan is usually automated.

What are the primary features of a security information event management (SIEM) tool?

Aggregation, correlation, event deduplication, time synchronization, and alerting

What is the primary goal of penetration testing?

Attempt to uncover deep vulnerabilities and then manually exploit them

Which penetration testing consultants are not given any knowledge of the network nor any elevated privileges?

Black box

Dillip is assigned the role of a SOC developer who must build different teams under the SOC. He must build a new team that will put security defenses in place to prevent another team from penetrating the network. Which team should he build to monitor the other team's attacks and shore up security defenses as necessary?

Blue team

What is the primary difference between credentialed and non-credentialed scans?

Credentialed scans use valid authentication credentials to mimic threat actors, while non-credentialed scans do not provide authentication credentials.

Which of the following is NOT an automated vulnerability scanning tool?

ELK Stack

Kile is assigned a role as a grey box penetration tester in the financial sector. He has to conduct a pen testing attack on all the application servers in the network. Which of the following tasks should he perform first while conducting a penetration testing attack on a network?

Footprinting

Which of the following penetration testing consultants have limited knowledge of the network and some elevated privileges?

Gray box

Which of the following is considered an industry-specific cybersecurity regulation?

Health Insurance Portability and Accountability Act of 1996 (HIPAA)

How can a configuration review reduce the impact of a vulnerability scan on the network's overall performance?

It ensures the scan is designed to meet its intended goals by defining scope and sensitivity levels

Alice, a vulnerability assessment engineer at a bank, is told to find all the vulnerabilities on an internet-facing web application server running on port HTTPS. When she finishes the vulnerability scan, she finds several different vulnerabilities at different levels. How should she proceed?

Look at the priority and the accuracy of the vulnerability

Which of the following offensive tools can be used by penetration testers post-exploitation or successful compromise of a user account in a network that dumps passwords from memory and hashes, PINs, and Kerberos tickets, and thus are used for privilege escalation attacks?

Mimikatz and hashcat

Keily is a vulnerability assessment engineer. She is told to find surface vulnerabilities on all internet-facing web servers in the network. Which of the following are surface vulnerabilities that she should initially chase?

Missing patches, lack of OS hardening, network design flaw, lack of application hardening, weak passwords, and misconfigurations

Which of the following tools can be used to scan 16 IP addresses for vulnerabilities?

Nessus Essentials

What is the fastest-running vulnerability scan, and why does this type of scan run so fast?

Non-credentialed scans perform fundamental actions such as looking for open ports and finding software that will respond to requests.

Which of the following techniques is a method of passive reconnaissance?

Open Source Intelligence (OSINT)

Which of the following compliance standards was introduced to provide a minimum degree of security to organizations who handle customer information such as debit card and credit card details daily?

PCIDSS

Which of the following is the advantage of penetration testing over vulnerability scanning?

Penetration testing uncovers and exploits deep vulnerabilities, while vulnerability scanning only discovers surface vulnerabilities.

Khalid joins a security team where he is assigned an SOC developer role and has to build different teams under SOC. Which of the following teams should he build to deal with providing real-time feedback related to security incidents and threat detections, which can then be utilized to facilitate better prioritization of threats and a mature way of detecting threats?

Purple team

Which standardized framework was developed by NIST to be used as a guidance document designed to help organizations assess and manage risks to their information and systems, and are also used as a comprehensive roadmap that organizations can use to seamlessly integrate their cybersecurity?

Risk management framework (RMF)

Robert is a black box penetration tester who conducted pen testing attacks on all of the network's application servers. He was able to exploit a vulnerability and gain access to the system using a mimikatz tool. Which of the following activities did he perform using mimikatz, and which task should he perform next?

Robert used mimikatz for credential harvesting, and should perform privilege escalation using a high-privileged account next.

Which of the following technologies can be used together for data management in security infrastructure and collecting and analyzing data.

SIEM and SOAR

A cyber analyst needs to quickly do a vulnerability scan on an enterprise network with many devices. Which approach should the analyst take?

Scan the most important devices for as long as it takes for each device

Which of the following is a primary difference between a red team and a white team?

The red team scans for vulnerabilities and exploits them manually, whereas the white team defines the rules of the penetration testing.

Which operation is carried out by proactively searching security logs for cyber threats that have thus far gone undetected.

Threat hunting

A vulnerability assessment engineer performed vulnerability scanning on active directory servers and discovered that the active directory server is using a lower version of Kerberos. To alert management to the risk behind using a lower version of Kerberos, he needs to explain what an attacker can do to leverage the vulnerabilities in it. Which of the following actions can the attacker perform after exploiting vulnerabilities in Kerberos?

Use privilege escalation

What is the most accurate explanation of sentiment analysis, and what kind of a tool or product can be utilized to perform this operation?

Using text analysis techniques and IBM QRadar to interpret and classify emotions (positive, negative, and neutral) within text data

There is often confusion between vulnerability scanning and penetration testing. What is the best explanation of the difference between vulnerability scanning and penetration testing?

Vulnerability scanning is performed using an automated tool to scan a network for known vulnerability signatures. Penetration testing involves attempting to manually uncover deep vulnerabilities just as a threat actor would, and then exploiting them.

Which of the following is the most efficient means of discovering wireless signals?

War flying


Conjuntos de estudio relacionados

ปฏิบัติเวชกรรมไทย(รวมทั้งหมด)

View Set

Ch.4- Standard provisions and Options

View Set

BA06: Power Tools, Advanced Manufacturing 1

View Set

Chapter 16 - Reporting the Statement of Cash Flows

View Set

Chapter 20: Viruses, Bacteria, and Archaea BIO 2

View Set

Chapter 43: Nursing Care of the Child With a Genitourinary Disorder

View Set

review place promotion AGEC 3010

View Set