Ethical Hacker CH 7
The results section of an assessment report contains four sub-topics. Which of the following sub-sections contains the origin of the scan?
Classification
You are an ethical hacker contracting with a medical clinic to evaluate their environment. Which of the following is the first thing you should do?
Define the effectiveness of the current security policies and procedures.
Which of the following includes a list of resolved vulnerabilities?
Security vulnerability summary
Which of the following best describes active scanning?
A scanner transmits to a network node to determine exposed ports and can also independently repair security flaws.
Karen received a report of all the mobile devices on the network. This report showed the total risk score, summary of revealed vulnerabilities, and remediation suggestions. Which of the following types of software generated this report?
A vulnerability scanner
As an ethical hacker, you are looking for a way to organize and prioritize vulnerabilities that were discovered in your work. Which of the following scoring systems could you use?
CVSS
This government resource is a community-developed list of common software security weaknesses. They strive to create commonality in the descriptions of weaknesses of software security. Which of the following government resources is described?
CWE
Jessica, an employee, has come to you with a new software package she would like to use. Before you purchase and install the software, you would like to know if there are any known security-related flaws or if it is commonly misconfigured in a way that would make it vulnerable to attack. You only know the name and version of the software package. Which of the following government resources would you consider using to find an answer to your question?
NVD
Which of the following assessment types can monitor and alert on attacks but cannot stop them?
Passive
Which of the following best describes the verification phase of the vulnerability management life cycle?
Proves your work to management and generates verifiable evidence to show that your patching and hardening implementations have been effective.
Rose, an ethical hacker, has created a report that clearly identifies her findings and recommendations for locking down an organization's systems and patching problems. Which of the following phases of the vulnerability management life cycle is she working in?
Risk assessment
Jaxon, a pentester, is discovering vulnerabilities and design flaws on the Internet that will open an operating system and applications to attack or misuse. Which of the following tasks is he accomplishing?
Vulnerability research
There are two non-government sites that provide lists of valuable information for ethical hackers. Which of the following best describes the Full Disclosure site?
A mailing list that often shows the newest vulnerabilities before other sources.`
Which of the following are the three metrics used to determine a CVSS score?
Base, temporal, and environmental
Which of the following government resources is a dictionary of known patterns of cyberattacks used by hackers?
CAPEC
Which of the following solutions creates the risk that a hacker might gain access to the system?
Service-based
In a world where so much private information is stored and transferred digitally, it is essential to proactively discover weaknesses. An ethical hacker's assessment sheds light on the flaws that can open doors for malicious attackers. Which of the following types of assessments does an ethical hacker complete to expose these weeknesses?
Vulnerability assessment
This type of assessment evaluates deployment and communication between the server and client. It is imperative to develop tight security through user authorization and validation. Open-source and commercial tools are both recommended for this assessment. Which of the following types of vulnerability research is being done?
Application flaws
The list of cybersecurity resources below are provided by which of the following government sites? Information exchange Training and exercises Risk and vulnerability assessments Data synthesis and analysis Operational planning and coordination Watch operations Incident response and recovery
CISA
Which of the following best describes Qualys Vulnerability Management assessment tool?
It is a cloud-based service that keeps all your data in a private virtual database.
Clive, a penetration tester, is scanning for vulnerabilities on the network, specifically outdated versions of Apple iOS. Which of the following tools should he use?
Nessus
Which of the following would be the best open-source tool to use if you are looking for a web server scanner?
Nikto
First, you must locate the live nodes in the network. Second, you must itemize each open port and service in the network. Finally, you test each open port for known vulnerabilities. These are the three basic steps in which of the following types of testing?
Penetration
You are looking for a vulnerability assessment tool that detects vulnerabilities in mobile devices and gives you a report containing a total risk score, a summary of revealed vulnerabilities, and remediation suggestions. Which of the following vulnerability assessment tools should you use?
SecurityMetrics Mobile
Which of the following phases of the vulnerability management lifecycle implements patches, hardening, and correction of weaknesses?
The remediation phase
On your network, you have a Windows 10 system with the IP address 10.10.10.195. You have installed XAMPP along with some web pages, php, and forms. You want to put it on the public-facing internet, but you are not sure if it has any vulnerabilities. On your Kali Linux system, you have downloaded the nmap-vulners script from GitHub. Which of the following is the correct nmap command to run?
nmap --script nmap-vulners -sV 10.10.10.195
Which of the following assessment types relies on each step to determine the next step, and then only tests relevant areas of concern?
Inference-based
It may be tempting for an organization to feel secure after going through the process of penetration testing and the corrections and hardening that you must perform. Which of the following should you help them to understand?
Hackers have time on their side, and there will always be new threats to security.
Which of the following assessment types focus on all types of user risks, including threats from malicious users, ignorant users, vendors, and administrators?
Host-based assessment
An ethical hacker is running an assessment test on your networks and systems. The assessment test includes the following items: Inspecting physical security Checking open ports on network devices and router configurations Scanning for Trojans, spyware, viruses, and malware Evaluating remote management processes Determining flaws and patches on the internal network systems, devices, and servers Which of the following assessment tests is being performed?
Internal assessment
