TestOut - CompTIA CySA+ Practice Questions 5.4.17


Which web application scanner looks for common vulnerabilities, like cross-site scripting and SQL injections, and also scans for the OWASP Top 10?
A. Burp Suite
B. Qualys
C. Nessus
D. OpenVAS

Answer: A. Burp Suite
Explanation: Burp Suite scans for cross-site scripting and SQL injection vulnerabilities. It can also scan for the OWASP Top 10. Nessus is not a web application scanner. Qualys is an infrastructure vulnerability scanner. OpenVAS is an open-source infrastructure vulnerability scanner.

Which of the following BEST describes scan information?
A. The name of the scanning tool, its version, and the network ports that have been scanned
B. The scan's origin and the scanner's vulnerability assessment
C. Suggestions for remediation with links to patches
D. The target system's name and address

Answer: A. The name of the scanning tool, its version, and the network ports that have been scanned
Explanation: Scan information is the name of the scanning tool, its version, and the network ports that have been scanned. Target information is the target system's name and address. Results provide a complete scanning report.
Subtopics of a scanning report are:
- Target - Each host's detailed information.
- Services - The names and ports of the network services.
- Classification - The scan's origin.
- Assessment - The scanner's vulnerability assessment.
The security vulnerability report includes:
- Open and detected ports.
- New vulnerabilities.
- Suggestions for remediation with links to patches.

You have just installed Nessus for auditing a network segment. Which of the following Nessus scans would be BEST suited for an initial query of hosts on a network segment?
A. Credentialed Patch Audit
B. Basic Network Scan
C. Bash Shellshock Detection
D. Advanced Dynamic Scan

Answer: B. Basic Network Scan
Explanation: Basic Network Scan discovers all hosts on a network and performs queries to determine vulnerability risks and threat vectors. It is the best answer here. Bash Shellshock Detection is specific to a known subset of exploitable vulnerabilities, usually on Unix and Linux-based operating systems. That means other operating systems would be mostly ignored, which is not what we would prefer on an initial scan. Credentialed Patch Audit only looks for patches that haven't been installed. Advanced Dynamic Scan targets CVE ranges that might need to be addressed on a targeted host or hosts. This is not what we want for a primary scan.

Which tool scans web servers and version-specific vulnerabilities?
A. Nessus
B. Nikto
C. Qualys
D. OWASP ZAP

Answer: B. Nikto
Explanation: Nikto is a web server scanner. It tests for outdated versions of more than 1,250 servers. Nessus Professional is an assessment solution that resides on your network. Qualys Vulnerability Management is a cloud-based service that keeps all your data in a virtual private database. OWASP ZAP is an open-source web application security scanner designed specifically for testing web applications. It is both flexible and extensible.

As a security analyst, you need a web application scanner that is extensible and that evaluates each web application individually. Which tool would BEST meet your needs?
A. Net Scan
B. OWASP ZAP
C. Nessus Professional
D. SecurityMetrics Mobile

Answer: B. OWASP ZAP
Explanation: OWASP ZAP is an open-source web application security scanner designed specifically for testing web applications. It is both flexible and extensible. Nessus Professional is an assessment solution that resides on your network. Net Scan provides discovery through network and port scanning. SecurityMetrics Mobile detects vulnerabilities on mobile devices.

As a security analyst, you need a web-based scanner for your enterprise-level employer. It's imperative that the data be encrypted while in motion and at rest and that only the scanner workers reside on-premises. Which application would BEST suit your needs?
A. OpenVAS
B. Qualys
C. Nikto
D. Nessus Professional

Answer: B. Qualys
Explanation: Qualys Vulnerability Management is a cloud-based service that keeps an organization's data in a private virtual database. OpenVAS is a vulnerability scanner that has more than 50,000 vulnerability tests with daily updates. Nessus Professional is an assessment solution that resides on your network. This makes it more suitable for smaller organizations. Nikto is a web server scanner that tests more than 1,250 outdated versions of web servers.

Which of the following BEST describes the Qualys Vulnerability Management assessment tool?
A. It scans for more than 6,000 files and programs that can be exploited.
B. It scans for known vulnerabilities, malware, and misconfigurations.
C. It is a cloud-based service that keeps all your data in a private virtual database.
D. It has more than 50,000 vulnerability tests with daily updates.

Answer: C. It is a cloud-based service that keeps all your data in a private virtual database.
Explanation: Qualys Vulnerability Management is a cloud-based service that keeps all your data in a virtual private database. Qualys is easy to use and is capable of scanning large enterprises. Data is always encrypted during transit and at rest, so even though it is cloud-based, your data is secure. Only their scanners reside on your network. Nessus Professional is an assessment solution that resides on your network. This makes it more suitable for smaller organizations. It scans for known vulnerabilities, malware, and misconfigurations. OpenVAS is a vulnerability scanner that has more than 50,000 vulnerability tests with daily updates. Nikto is a web server scanner. It tests for outdated versions of more than 1,250 servers. It also scans for more than 6,000 files and programs that can be exploited.

Kjell wants a network scanning tool that gives remediation solutions to found vulnerabilities. He also wants to be able to create customized scan jobs that run during off hours and can scan multiple network technologies. Which application is BEST for him?
A. Arachni
B. Burp Suite
C. Nessus
D. OWASP ZAP

Answer: C. Nessus
Explanation: Nessus allows for customized scans that are scheduled as convenient. It also recommends steps to remediate found vulnerabilities. Burp Suite is a web scanner that has multiple unique features. The scanner looks for common vulnerabilities, like cross-site scripting and SQL injections. OWASP ZAP is an open-source tool created by the Open Web Application Security Project (OWASP). It is a web application scanner that's based on the on-path proxy (also referred to as a man-in-the-middle proxy). Arachni is an open-source web scanner that works in standard environments as well as in highly complex web application environments.

A security administrator wants to scan the company's network for vulnerabilities. Which of these scanners is an open-source software developed from the Nessus codebase?
A. Qualys
B. Tenable
C. OpenVAS
D. nmap

Answer: C. OpenVAS
Explanation: OpenVAS is an open-source (free) software developed from the Nessus codebase before Nessus became commercial software. Greenbone manages the scanner and is also available as a commercial product. Nmap is a free and open-source tool for network discovery and security auditing. However, it is not open-source software or developed from the Nessus codebase. Qualys is a cloud-based vulnerability management solution. It is not open-source software or developed from the Nessus codebase. Tenable is the company that currently develops Nessus, a commercial vulnerability scanner. However, it is not open-source software developed from the Nessus codebase.

You are looking for a vulnerability assessment tool that detects vulnerabilities on mobile devices and gives you a report containing a total risk score, a summary of revealed vulnerabilities, and remediation suggestions. Which of the following vulnerability assessment tools should you use?
A. Retina CS for Mobile
B. Nessus Professional
C. SecurityMetrics Mobile
D. Network Scanner

Answer: C. SecurityMetrics Mobile
Explanation: SecurityMetrics Mobile detects vulnerabilities on mobile devices. It can help you protect customers' data and avoid unwanted app privileges, mobile malware, device theft, connectivity issues, threats to device storage, and unauthorized account access. You can expect a report containing a total risk score, a summary of revealed vulnerabilities, and remediation suggestions. Nessus Professional is an assessment solution that resides on your network. This makes it more suitable for smaller organizations. It scans for known vulnerabilities, malware, and misconfigurations. Nessus also provides reporting and remediation as well as ongoing monitoring. Retina CS for Mobile provides comprehensive vulnerability management for smartphones, mobile devices, and tablets. It can scan, prioritize, and fix smartphone vulnerabilities. It analyzes and reports its findings from a centralized data warehouse. Network Scanner is a tool that provides an understanding of a network's usage. It generates reports on security issues that can be backed up to your web storage.
