6.9.10

Ace your homework & exams now with Quizwiz!

You have run a vulnerability scanning tool and identified several patches that need to be applied to a system. What should you do next after applying the patches?

Run the vulnerability assessment again

Which of the following are performed by the Microsoft Baseline Security Analyzer (MBSA) tool? (Select three.)

- Check for missing patches - Check user accounts for weak passwords -Check for open ports

A security administrator logs on to a Windows server on her organization's network. She then runs a vulnerability scan on that server.

Credentialed scan

You want to check a server for user accounts that have weak passwords. Which tool should you use?

John the Ripper

A security administrator needs to run a vulnerability scan that will analyze a system from the perspective of a hacker attacking the organization from the outside. What type of scan should he use?

Non-credentialed scan

You are using a vulnerability scanner that conforms to the OVAL specifications. Which of the following items contains a specific vulnerability or security issue that could be present on a system?

O Definition

Which of the following functions provide? (Select two.)

O Determining which ports are open on a firewall ODiscovering unadvertised servers

deplayed in a graphical diagram. Which tool shoukld use? You want to identify all devices on a network along with you a let of open ports on those devices. You want the results

O Network mapper

You want to make sure that a set of servers will only accept but you also want to make sure that the servers will not traffic for specific network services. You have verified that the servers are only running the necessary services, accept packets sent to those services.

O Port scanner

You want to use a vulnerability scanner to check a system for known security risks. What should you do first?

O Update the scanner definition files

you the information you need? You want to be able to identify the services running on a set of servers on your network. Which tool would best give

O Vulnerability scanner

You want to use a tool to scan a system for vulnerabilities, including open ports, running services, and missing patches. Which tools should you use? (Select two.)

ORetina ONessus

Which of the folowing identifies standards and XML formats for reporting and analyzing system vulnerabilities?

OVAL

Which of the following is the type of port scan that does not complete the full three-way TCP handshake, but rather listens only for either SYN/ACK or RST/ACK packets? n

TCP SYN scan


Related study sets

nyyun928 - Cardiovascular System

View Set

macro: required reserves, excess reserves, and bank behavior

View Set