6.9

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

You have run a vulnerability scanning tool and identified several patches that need to be applied to a system. What should you do next after applying the patches?

Run the vulnerability assessment again

You want to use a tool to scan a system for vulnerabilities, including open ports, running services, and missing patches. Which tools should you use? (Select two.)

Retina Nessus

Which of the following are performed by the Microsoft Baseline Security Analyzer (MBSA) tool? (Select three.)

Check for missing patches Check for open ports Check user accounts for weak passwords

A security administrator logs on to a Windows server on her organization's network. She then runs a vulnerability scan on that server. What type of scan was conducted in this scenario?

Credentialed scan

You are using a vulnerability scanner that conforms to the OVAL specifications. Which of the following items contains a specific vulnerability or security issue that could be present on a system?

Definition

Which of the following functions can a port scanner provide? (Select two.)

Discovering unadvertised servers Determining which ports are open on a firewall

You want to check a server for user accounts that have weak passwords, Which tool should you use?

John the Ripper

You want to identify all devices on a network along with a list of open ports on those devices. You want the results displayed in a graphical diagram. Which tool should you use?

Network mapper

A security administrator needs to run a vulnerability scan that will analyze a system from the perspective of a hacker attacking the organization from the outside. What type of scan should he use?

Non-credentialed scan

Which of the following identifies standards and XML formats for reporting and analyzing system vulnerabilities?

OVAL

You want to make sure that set of servers will only accept traffic for specific network services. You have verified that the servers are only running the necessary services, but you also want to make sure that the servers will not accept packets sent to those services. Which tool should you use?

Port scanner

Which of the following is the type of port scan that does not complete the full three-way TCP handshake, but rather listens only for either SYN/ACK packets?

TCP SYN scan

You want to use a vulnerability scanner to check a system for known security risks. What should you do first?

Update the scanner definition files

You want to be able to identify the services running on a set of servers on your network. Which tool would best give you the information you need?

Vulnerability scanner


Set pelajaran terkait

HR BUS 381 CHAPTER 14 Occupational Health and Safety

View Set

Starting Out With Java - Programming Projects

View Set