Security Pro Chapter 6

Question 1
You are using a vulnerability scanner that conforms to the OVAL specifications. Which of the following items contains a specific vulnerability or security issue that could be present on a system?

Explanation
The Open Vulnerability and Assessment Language (OVAL) is an international standard for testing, analyzing, and reporting the security vulnerabilities of a system. Each vulnerability, configuration issue, program, or patch that might be present on a system is identified as a definition. OVAL repositories are like libraries or databases that contain multiple definitions.

Question 2
You want to use a tool to scan a system for vulnerabilities, including open ports, running services, and missing patches. Which tools should you use? (Select two.)

Explanation
A vulnerability scanner is a software program that searches an application, computer, or network for weaknesses, such as open ports, running applications or services, missing critical patches, default user accounts that have not been disabled, and default or blank passwords. Vulnerability scanning tools include Nessus, Retina Vulnerability Assessment Scanner, and Microsoft Baseline Security Analyzer (MBSA).
Wireshark is a protocol analyzer. LC4 is a password cracking tool that you can use to identify weak passwords. The Open Vulnerability and Assessment Language (OVAL) is an international standard for testing, analyzing, and reporting the security vulnerabilities of a system.

Question 3
You want to identify all devices on a network along with a list of open ports on those devices. You want the results displayed in a graphical diagram. Which tool should you use?

Explanation
A network mapper is a tool that can discover devices on the network and show those devices in a graphical representation. Network mappers typically use a ping scan to discover devices and a port scanner to identify open ports on those devices.
A ping scanner only identifies devices on the network, but does not probe for open ports. A port scanner finds open ports, but might not display devices in a graphical representation. The Open Vulnerability and Assessment Language (OVAL) is an international standard for testing, analyzing, and reporting the security vulnerabilities of a system.

Question 4
You want to check a server for user accounts that have weak passwords. Which tool should you use?

Explanation
John the Ripper is a password cracking tool. Password crackers perform cryptographic attacks on passwords. Use a password cracker to identify weak passwords or passwords protected with weak encryption.
Nessus and Retina are vulnerability scanners. While vulnerability scanners check for default user accounts and often check for accounts with blank passwords, they typically do not include password cracking features to test for weak passwords. The Open Vulnerability and Assessment Language (OVAL) is an international standard for testing, analyzing, and reporting the security vulnerabilities of a system.

Question 5
You want to be able to identify the services running on a set of servers on your network. Which tool would best give you the information you need?

Explanation
Use a vulnerability scanner to gather information about systems, such as the applications or services running on the system. The vulnerability scanner often combines functions found in other tools and can perform additional functions, such as identifying open firewall ports, missing patches, and default or blank passwords.
A port scanner is a tool that probes systems for open ports. The port scanner will tell you which ports are opened in the firewall, but it cannot identify services running on a server if the firewall port has been closed. A network mapper is a tool that can discover devices on the network and shows those devices in a graphical representation. Network mappers typically use a ping scan to discover devices and a port scanner to identify open ports on those devices.
Use a protocol analyzer to identify traffic that is sent on the network medium and traffic sources. Services could still be running on a server that do not generate network traffic a protocol analyzer can catch.

Question 6
You want to make sure that a set of servers will only accept traffic for specific network services. You have verified that the servers are only running the necessary services, but you also want to make sure that the servers will not accept packets sent to those services. Which tool should you use?

Explanation
Use a port scanner to check for open ports on a system or a firewall. Compare the list of opened ports with the list of ports allowed by your network design and security policy. Typically, a port is opened when a service starts or is configured on a device. Open ports for unused services expose the server to attacks directed at that port.
Use a packet sniffer to examine packets on the network. With a packet sniffer, you can identify packets directed towards specific ports, but you won't be able to tell if those ports are open. Examine system logs to look for events that have happened on a system, which might include a service starting, but would not likely reflect open ports.
An intrusion detection system (IDS) is a special network device that can detect attacks and suspicious activity. A passive IDS monitors, logs, and detects security breaches, but takes no action to stop or prevent the attack. An active IDS (also called an intrusion protection system or IPS) performs the functions of an IDS, but can also react when security breaches occur.

Question 7
What is mutual authentication?

Explanation
Mutual authentication is the process by which each party in an online communication verifies the identity of each other party. Mutual authentication is most common in VPN links, SSL connections, and e-commerce transactions. In each of these situations, both parties in the communication want to ensure that they know whom they are interacting with.
The use of two or more authentication factors is called two-factor authentication. CHAP and EAP are authentication protocols. Communicating hosts might use certificates issued by a trusted CA in performing mutual authentication, but using the CA is not, in itself, a definition of mutual authentication.

Question 8
Which of the following identifies standards and XML formats for reporting and analyzing system vulnerabilities?

Explanation
The Open Vulnerability and Assessment Language (OVAL) is an international standard for testing, analyzing, and reporting the security vulnerabilities of a system.
• OVAL is sponsored by the National Cyber Security division of the US Department of Homeland Security.
• OVAL identifies the XML format for identifying and reporting system vulnerabilities.
• Each vulnerability, configuration issue, program, or patch that might be present on a system is identified as a definition.
• OVAL repositories are like libraries or databases that contain multiple definitions.
Microsoft Baseline Security Analyzer (MBSA) and Retina Vulnerability Assessment Scanner are vulnerability scanning tools. The Open Source Security Testing Methodology Manual (OSSTMM) is a manual of a peer-reviewed methodology for performing security tests and metrics.

Question 9
A security administrator needs to run a vulnerability scan that will analyze a system from the perspective of a hacker attacking the organization from the outside. What type of scan should he use?

Explanation
In a non-credentialed scan, the security administrator does not authenticate to the system prior to running the scan. A non-credentialed scan can be valuable because it allows the scanner to see the system from the same perspective that an attacker would see it. However, a non-credentialed scan does not typically produce the same level of detail as a credentialed scan.
In a credentialed scan, the security administrator authenticates to the system prior to starting the scan. A port scan probes systems for open ports, but does not run a full vulnerability assessment. A network mapping scan is a type of port scan that discovers devices on the network and then organizes those devices in a graphical display.

Question 10
You have run a vulnerability scanning tool and identified several patches that need to be applied to a system. What should you do next after applying the patches?

Explanation
After fixing an identified vulnerability, you should re-run the vulnerability scan to verify that everything has been fixed and that additional issues are not present.
You should update definition files before you run the first scan. Using a port scanner is unnecessary because most vulnerability scanners include a check of open ports. Documenting your actions should occur after you have finished all necessary actions.

Question 11
You want to use a vulnerability scanner to check a system for known security risks. What should you do first?

Explanation
Before using a vulnerability scanner, you should update the definition files. The definition files identify known security risks associated with the system. Some scanners update the definition files automatically, while others require you to download the latest definition files.
Applying all known patches is not a best practice. You typically only apply the patches that are required or identified as important security patches. The vulnerability scanner typically identifies the patches you should apply. A port scan checks for open ports and is, typically, a test performed as part of the vulnerability scan. Senior management does not need to be notified when you run a vulnerability scan; they do need to be informed of penetration tests before they are executed.

Question 12
Which of the following are performed by the Microsoft Baseline Security Analyzer (MBSA) tool? (Select three.)

Explanation
Microsoft Baseline Security Analyzer (MBSA) is a vulnerability scanner that can check for the following weaknesses:
- Open ports
- Active IP addresses
- Running applications or services
- Missing critical patches
- Default user accounts that have not been disabled
- Default, blank, or common passwords
Vulnerability scanners typically do not include password cracking tools, but MBSA can perform simple checks for weak passwords.
Use a protocol analyzer to check packets for characteristics that might indicate an attack. Use a performance monitoring tool to gather information about system or network performance to identify a performance baseline.

Question 13
A manager has told you she is concerned about her employees writing their passwords for websites, network files, and database resources on sticky notes. Your office runs exclusively in a Windows environment. Which tool could you use to prevent this behavior?

Explanation
Credential Manager securely stores account credentials for network resources, such as file servers, websites, and database resources.
Local Users and Groups manages only local account credentials. Key Management Service is used to manage the activation of Windows systems on the network. Computer Management is used to complete Windows management tasks, such as viewing the Event Log, managing hardware devices, and managing hard disk storage.

Question 14
A security administrator logs on to a Windows server on her organization's network. She then runs a vulnerability scan on that server. What type of scan was conducted in this scenario?

Explanation
In a credentialed scan, the security administrator authenticates to the system prior to starting the scan. A credentialed scan usually provides detailed information about potential vulnerabilities. For example, a credentialed scan of a Windows workstation allows you to probe the registry for security vulnerabilities.
In a non-credentialed scan, the security administrator does not authenticate to the system prior to running the scan. A TCP SYN scan is a common type of port scan. A ping scan sends ICMP echo/request packets to one or multiple IP addresses.

Question 15
Which of the following protocols can be used to centralize remote access authentication?

Explanation
Centralized remote access authentication protocols include:
• Remote Authentication and Dial-In User Service (RADIUS)
• Terminal Access Controller Access Control System (TACACS)
Password authentication protocol (PAP) and challenge handshake authentication protocol (CHAP) are authentication protocols used between the client and the server. Kerberos and Secure European System for Applications in a Multi-Vendor Environment (SESAME) are single sign-on protocols.