Ethical Hacking 7.4.10

Which of the following includes a list of resolved vulnerabilities? answer Statistical vulnerability report Security vulnerability summary Statistical vulnerability summary Security vulnerability report

Security vulnerability summary

Which of the following best describes Qualys Vulnerability Management assessment tool? answer It has more than 50,000 vulnerability tests with daily updates. It is a cloud-based service that keeps all your data in a private virtual database. It scans for known vulnerabilities, malware, and misconfigurations. It scans for more than 6,000 files and programs that can be exploited.

It is a cloud-based service that keeps all your data in a private virtual database.

Clive, a penetration tester, is scanning for vulnerabilities on the network, specifically outdated versions of Apple iOS. Which of the following tools should he use? answer Nikto Retina CS Nessus NetScan

Nessus Nessus offers scanning on mobile devices and will let you know which devices are unauthorized or non-compliant. It also identifies outdated versions of Apple iOS and highlights devices that have not connected for a period of time. Retina CS for Mobile provides comprehensive vulnerability management for smartphones, mobile devices, and tablets. NetScan is a tool that provides discovery through network and port scanning. Nikto is a web server scanner. It tests for outdated versions of more than 1,250 servers.

Which of the following would be the best open-source tool to use if you are looking for a web server scanner? answer Nikto Nessus OpenVAS NetScan

Nikto

Karen received a report of all the mobile devices on the network. This report showed the total risk score, summary of revealed vulnerabilities, and remediation suggestions. Which of the following types of software generated this report? answer A vulnerability scanner A port scanner A malware scanner An antivirus scanner

A vulnerability scanner

The results section of an assessment report contains four sub-topics. Which of the following sub-sections contains the origin of the scan? answer Services Target Classification Assessment

Classification

You are looking for a vulnerability assessment tool that detects vulnerabilities in mobile devices and gives you a report containing a total risk score, a summary of revealed vulnerabilities, and remediation suggestions. Which of the following vulnerability assessment tools should you use? answer Nessus Professional Network Scanner SecurityMetrics Mobile Retina CS for Mobile

SecurityMetrics Mobile SecurityMetrics Mobile detects vulnerabilities in mobile devices. It can help you protect customers' data and avoid unwanted app privileges, mobile malware, device theft, connectivity issues, threats to device storage, and unauthorized account access. You can expect a report containing a total risk score, a summary of revealed vulnerabilities, and remediation suggestions. Nessus Professional is an assessment solution that resides on your network. This makes it more suitable for smaller organizations. It scans for known vulnerabilities, malware, and misconfigurations. Nessus also provides reporting and remediation, as well as ongoing monitoring. Retina CS for Mobile provides comprehensive vulnerability management for smartphones, mobile devices, and tablets. It can scan, prioritize, and fix smartphone vulnerabilities. It analyzes and reports its findings from a centralized data warehouse. Network Scanner is a tool that provides an understanding of the use of a network. It generates reports of security issues and vulnerabilities that auto-saves and can be backed up to your web storage.