Question 1

Vulnerability scans are usually performed from outside the security perimeter.

Accepted Answer

False

Question 2

____ is a comparison of the present state of a system compared to its baseline.&#10;A) Baseline reporting&#10;B) Compliance reporting&#10;C) Baseline assessment&#10;D) Compliance review

Accepted Answer

A

Question 3

A ____ in effect takes a snapshot of the current security of the organization.&#10;A) threat analysis&#10;B) vulnerability appraisal&#10;C) risk assessment&#10;D) threat assessment

Accepted Answer

A vulnerability appraisal is a type of assessment that identifies the weaknesses and potential vulnerabilities in an organization's security posture. It helps to identify areas that need improvement and serves as a snapshot of the current security status. A threat analysis and threat assessment are focused on identifying and analyzing specific threats, while a risk assessment considers both threats and vulnerabilities to determine the likelihood and potential impact of a security incident.

Question 4

While the code for a program is being written, it is being analyzed by a ____.&#10;A) black box&#10;B) code review&#10;C) white box&#10;D) scanner

Accepted Answer

Code review involves analyzing the code during the development process to identify any errors or potential issues. This is typically done by other developers on the team or in a peer-review process. Black box and white box testing refer to methods of testing the completed program after it has been developed, and a scanner is a tool used for identifying potential vulnerabilities in code, not analyzing it during development.

Question 5

When performing a vulnerability assessment, many organizations use ____ software to search a system for any port vulnerabilities.&#10;A) threat scanner&#10;B) vulnerability profiler&#10;C) port scanner&#10;D) application profiler

Accepted Answer

A port scanner is the best choice for searching a system for port vulnerabilities, as it scans for open ports and identifies potential entry points for attackers. A threat scanner and vulnerability profiler may be used in addition to a port scanner for a more comprehensive assessment, and an application profiler is used to analyze the security of specific applications rather than scanning for port vulnerabilities.

Question 6

If port 20 is available, then an attacker can assume that FTP is being used.

Accepted Answer

Port 20 is the default data transfer port for FTP, so if it is open, it is a good indication that FTP is being used. However, it is possible for FTP to use a different port for data transfer, so it is not a definitive indicator.

Question 7

A ____ outlines the major security considerations for a system and becomes the starting point for solid security.&#10;A) profile&#10;B) threat&#10;C) control&#10;D) baseline

Accepted Answer

A baseline outlines the minimum or standard security requirements for a system. It provides a foundation for creating and maintaining secure system configurations and becomes the starting point for a solid security posture. A profile is typically a description of a user's characteristics for authentication and authorization processes; a threat is a potential danger to information or systems; and a control is a mechanism used to address a security risk.

Question 8

A(n) ____ indicates that no process is listening at this port.&#10;A) open port&#10;B) open address&#10;C) closed address&#10;D) closed port

Accepted Answer

A closed port indicates that no process is listening at this port, hence, D is the correct choice. An open port means that a process is actively listening at that specific port. An open address refers to a functional IP address, while a closed address means that the IP address is not assigned or is not reachable.

Question 9

The ____ for software is the code that can be executed by unauthorized users.&#10;A) vulnerability surface&#10;B) risk profile&#10;C) input surface&#10;D) attack surface

Accepted Answer

The attack surface refers to the potential entry points that an attacker can exploit in a software system. In the context of software security, the attack surface includes all the parts of the software that are accessible to unauthorized users, including APIs, network interfaces, user inputs, and third-party integrations. Vulnerability surface refers to the subset of the attack surface that contains vulnerabilities, while the risk profile refers to the overall risk associated with the software system. Input surface refers specifically to the parts of the software that can be input and controlled by users.

Question 10

A(n) ____ is hardware or software that captures packets to decode and analyze its contents.&#10;A) application analyzer&#10;B) protocol analyzer&#10;C) threat profiler&#10;D) system analyzer

Accepted Answer

A protocol analyzer is a type of tool that captures packets of data as they pass through a network interface, and it can decode and analyze the contents of those packets. This can help administrators troubleshoot network issues, monitor traffic patterns, and identify security threats. An application analyzer, threat profiler, or system analyzer may have some similar functionality, but they are not specifically designed for packet capture and analysis.

Question 11

____ is the probability that a risk will occur in a particular year.&#10;A) SLE&#10;B) ALE&#10;C) ARO&#10;D) EF

Accepted Answer

The answer of ____ is the probability that a risk...

Question 12

The first step in a vulnerability assessment is to determine the assets that need to be protected.

Accepted Answer

The answer of The first step in a vulnerability assessment...

Question 13

____ is a means by which an organization can transfer the risk to a third party who can demonstrate a higher capability at managing or reducing risks.&#10;A) Insourcing&#10;B) Outsourcing&#10;C) Outcasting&#10;D) Inhousing

Accepted Answer

The answer of ____ is a means by which an...

Question 14

A(n) ____ means that the application or service assigned to that port is listening for any instructions.&#10;A) open port&#10;B) empty port&#10;C) closed port&#10;D) interruptible system

Accepted Answer

The answer of A(n) ____ means that the application or...

Question 15

The goal of ____ is to better understand who the attackers are, why they attack, and what types of attacks might occur.&#10;A) threat mitigation&#10;B) threat profiling&#10;C) risk modeling&#10;D) threat modeling

Accepted Answer

The answer of The goal of ____ is to better...

Question 16

In an empty box test, the tester has no prior knowledge of the network infrastructure that is being tested.

Accepted Answer

The answer of In an empty box test, the tester...

Question 17

____ is the proportion of an asset's value that is likely to be destroyed by a particular risk.&#10;A) SLE&#10;B) ARO&#10;C) EF&#10;D) ER

Accepted Answer

The answer of ____ is the proportion of an asset's...

Question 18

A ____ is a computer typically located in an area with limited security and loaded with software and data files that appear to be authentic, yet they are actually imitations of real data files.&#10;A) port scanner&#10;B) write blocker&#10;C) honeypot&#10;D) honeycomb

Accepted Answer

The answer of A ____ is a computer typically located...

Question 19

The ____ is the expected monetary loss every time a risk occurs.&#10;A) SLE&#10;B) ARO&#10;C) ALE&#10;D) SRE

Accepted Answer

The answer of The ____ is the expected monetary loss...

Question 20

A healthy security posture results from a sound and workable strategy toward managing risks.

Accepted Answer

The answer of A healthy security posture results from a...

Question 21

A ____ tester has an in-depth knowledge of the network and systems being tested, including network diagrams, IP addresses, and even the source code of custom applications.&#10;A) white box&#10;B) black box&#10;C) replay&#10;D) system

Accepted Answer

The answer of A ____ tester has an in-depth knowledge...

Question 22

The end product of a penetration test is the penetration ____.&#10;A) test profile&#10;B) test report&#10;C) test system&#10;D) test view

Accepted Answer

The answer of The end product of a penetration test...

Question 23

Discuss one type of asset that an organization might have.

Accepted Answer

The answer of Discuss one type of asset that an...

Question 24

____________________ for organizations are intended to identify vulnerabilities and alert network administrators to these problems.

Accepted Answer

The answer of ____________________ for organizations are intended to identify...

Question 25

Most vulnerability scanners maintain a(n) ____________________ that categorizes and describes the vulnerabilities that it can detect.

Accepted Answer

The answer of Most vulnerability scanners maintain a(n) ____________________ that...

Question 26

List and describe the elements that make up a security posture.

Accepted Answer

The answer of List and describe the elements that make...

Question 27

A(n) ____________________ box test is one in which some limited information has been provided to the tester.

Accepted Answer

The answer of A(n) ____________________ box test is one in...

Question 28

List four things that a vulnerability scanner can do.

Accepted Answer

The answer of List four things that a vulnerability scanner...

Question 29

Describe the purpose of a honeypot.

Accepted Answer

The answer of Describe the purpose of a honeypot....

Question 30

A(n) ____________________ scan uses various techniques to avoid detection.

Accepted Answer

The answer of A(n) ____________________ scan uses various techniques to...

Question 31

Describe a penetration testing report.

Accepted Answer

The answer of Describe a penetration testing report....

Question 32

A ____ is a network set up with intentional vulnerabilities.&#10;A) honeynet&#10;B) honeypot&#10;C) honeycomb&#10;D) honey hole

Accepted Answer

The answer of A ____ is a network set up...

Question 33

Released in 1995, one of the first tools that was widely used for penetration testing was ____.&#10;A) GOPHER&#10;B) SAINT&#10;C) SATAN&#10;D) NESSUS

Accepted Answer

The answer of Released in 1995, one of the first...

Question 34

When using a black box test, many testers use ____________________ tricks to learn about the network infrastructure from inside employees.

Accepted Answer

The answer of When using a black box test, many...

Question 35

A security weakness is known as a(n) ____.&#10;A) threat&#10;B) vulnerability&#10;C) risk&#10;D) opportunity

Accepted Answer

The answer of A security weakness is known as a(n)...

Question 36

List and describe two common uses for a protocol analyzer.

Accepted Answer

The answer of List and describe two common uses for...

Question 37

Discuss the purpose of OVAL.

Accepted Answer

The answer of Discuss the purpose of OVAL....

Question 38

A(n) ____ examines the current security in a passive method.&#10;A) application scan&#10;B) system scan&#10;C) threat scan&#10;D) vulnerability scan

Accepted Answer

The answer of A(n) ____ examines the current security in...

Question 39

List and describe the three categories that TCP/IP divides port numbers into.

Accepted Answer

The answer of List and describe the three categories that...

Question 40

When a security hardware device fails or a program aborts, which state should it go into?

Accepted Answer

The answer of When a security hardware device fails or...

Question 41

List two types of hardening techniques.

Accepted Answer

The answer of List two types of hardening techniques....

Question 42

Match between columns&#10;                        Premises: An automated software search through a system for any known security weaknesses&#10;An automated software search through a system for any known security weaknesses&#10;An automated software search through a system for any known security weaknesses&#10;An automated software search through a system for any known security weaknesses&#10;An automated software search through a system for any known security weaknesses&#10;An automated software search through a system for any known security weaknesses&#10;An automated software search through a system for any known security weaknesses&#10;An automated software search through a system for any known security weaknesses&#10;An automated software search through a system for any known security weaknesses&#10;Identify what damages could result from the threats&#10;Identify what damages could result from the threats&#10;Identify what damages could result from the threats&#10;Identify what damages could result from the threats&#10;Identify what damages could result from the threats&#10;Identify what damages could result from the threats&#10;Identify what damages could result from the threats&#10;Identify what damages could result from the threats&#10;Identify what damages could result from the threats&#10;Designed to actually exploit any weaknesses in systems that are vulnerable&#10;Designed to actually exploit any weaknesses in systems that are vulnerable&#10;Designed to actually exploit any weaknesses in systems that are vulnerable&#10;Designed to actually exploit any weaknesses in systems that are vulnerable&#10;Designed to actually exploit any weaknesses in systems that are vulnerable&#10;Designed to actually exploit any weaknesses in systems that are vulnerable&#10;Designed to actually exploit any weaknesses in systems that are vulnerable&#10;Designed to actually exploit any weaknesses in systems that are vulnerable&#10;Designed to actually exploit any weaknesses in systems that are vulnerable&#10;Identify what needs to be protected&#10;Identify what needs to be protected&#10;Identify what needs to be protected&#10;Identify what needs to be protected&#10;Identify what needs to be protected&#10;Identify what needs to be protected&#10;Identify what needs to be protected&#10;Identify what needs to be protected&#10;Identify what needs to be protected&#10;Eliminating as many security risks as possible and make the system more secure&#10;Eliminating as many security risks as possible and make the system more secure&#10;Eliminating as many security risks as possible and make the system more secure&#10;Eliminating as many security risks as possible and make the system more secure&#10;Eliminating as many security risks as possible and make the system more secure&#10;Eliminating as many security risks as possible and make the system more secure&#10;Eliminating as many security risks as possible and make the system more secure&#10;Eliminating as many security risks as possible and make the system more secure&#10;Eliminating as many security risks as possible and make the system more secure&#10;Identify what to do about threats&#10;Identify what to do about threats&#10;Identify what to do about threats&#10;Identify what to do about threats&#10;Identify what to do about threats&#10;Identify what to do about threats&#10;Identify what to do about threats&#10;Identify what to do about threats&#10;Identify what to do about threats&#10;A systematic and methodical evaluation of the exposure of assets to attackers, forces of nature, or any other entity that is potentially harmful&#10;A systematic and methodical evaluation of the exposure of assets to attackers, forces of nature, or any other entity that is potentially harmful&#10;A systematic and methodical evaluation of the exposure of assets to attackers, forces of nature, or any other entity that is potentially harmful&#10;A systematic and methodical evaluation of the exposure of assets to attackers, forces of nature, or any other entity that is potentially harmful&#10;A systematic and methodical evaluation of the exposure of assets to attackers, forces of nature, or any other entity that is potentially harmful&#10;A systematic and methodical evaluation of the exposure of assets to attackers, forces of nature, or any other entity that is potentially harmful&#10;A systematic and methodical evaluation of the exposure of assets to attackers, forces of nature, or any other entity that is potentially harmful&#10;A systematic and methodical evaluation of the exposure of assets to attackers, forces of nature, or any other entity that is potentially harmful&#10;A systematic and methodical evaluation of the exposure of assets to attackers, forces of nature, or any other entity that is potentially harmful&#10;Identifying what the pressures are against a company&#10;Identifying what the pressures are against a company&#10;Identifying what the pressures are against a company&#10;Identifying what the pressures are against a company&#10;Identifying what the pressures are against a company&#10;Identifying what the pressures are against a company&#10;Identifying what the pressures are against a company&#10;Identifying what the pressures are against a company&#10;Identifying what the pressures are against a company&#10;Identifying how susceptible the current protection is&#10;Identifying how susceptible the current protection is&#10;Identifying how susceptible the current protection is&#10;Identifying how susceptible the current protection is&#10;Identifying how susceptible the current protection is&#10;Identifying how susceptible the current protection is&#10;Identifying how susceptible the current protection is&#10;Identifying how susceptible the current protection is&#10;Identifying how susceptible the current protection is

Accepted Answer

The Answer of Vulnerability assessment and Asset identification and Threat is...

Deck 4: Vulnerability Assessment and Mitigating Attacks