Chapter 10 - Vulnerability and Risk Assessment Flashcards
Which type of vulnerability assessments software can check for weak passwords on the network? A. Wireshark B. Antivirus software C. Performance Monitor D. A password cracker
D. A password cracker can check for weak passwords on the network. Antivirus software can scan for viruses on a computer. Performance Monitor enables you to create baselines to check the performance of a computer. Wireshark is a protocol analyzer.
You are contracted to conduct a forensics analysis of the computer. What should you do first? A. Back up the system. B. Analyze the files. C. Scan for viruses. D. Make changes to the operating system.
A. Back up the system before you do anything else. In forensics this means taking a bit-for-bit image of the storage and working from the copy, so the original evidence is never altered by the analysis and an intact copy survives if anything goes wrong while you analyze or change the system.
Which of the following has schemas written in XML? A. OVAL B. 3DES C. WPA D. PAP
A. OVAL (Open Vulnerability and Assessment Language) is an XML-based community standard: its schemas define how system configuration details, vulnerability tests and assessment results are expressed so that different tools can exchange them. 3DES is an encryption algorithm. WPA is a wireless security standard, and the deprecated PAP is the Password Authentication Protocol, used for identifying users to a server.
Russ is using only documentation to test the security of a system. What type of testing methodology is this known as? A. Active security analysis B. Passive security analysis C. Hybrid security analysis D. Hands-on security analysis
B. Passive security analysis (passive security testing) does not touch the running system; it relies on reviewing documentation such as policies, configuration standards and architecture diagrams. Because documentation only describes how a system is supposed to behave, it should be complemented with active security analysis, the hands-on testing of the live system or network.
Of the following which is the best way for a person to find out what security holes exist on the network? A. Run a port scan. B. Use a network sniffer. C. Perform a vulnerability assessment. D. Use an IDS solution.
C. The best way to find the security holes that exist on a network is to perform a vulnerability assessment. The assessment typically combines the other tools listed: a port scanner to find exposed services, a network sniffer to inspect traffic, and possibly the alerts from an IDS.
After using NMAP to do a port scan of your server, you find that several ports are open. Which of the following should you do next?
A. Leave the ports open and monitor them for malicious attacks.
B. Run the port scan again.
C. Close all ports.
D. Examine the services and/or processes that use those ports.
D. If you find ports open that you do not expect, examine the services and/or processes that are listening on those ports and decide whether each one belongs on the server. You may need to stop or uninstall some of those services, or block the ports, but closing everything blindly would also take down legitimate services. When you have finished the examination and taken action, run the port scan again to verify that the ports you intended to close are now closed.
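The triage described in this answer, as an added example that is not code from the study guide: it maps each port an nmap scan reports as open to the local process owning it (from `ss -tlnp`), flags ports outside an allow-list, and checks a rescan. The nmap and ss excerpts are constructed samples, and EXPECTED_PORTS is an assumed policy for a hypothetical web server.

```python
"""Triage the open ports an nmap scan reports by mapping each to the local process
that owns it, then flagging anything outside an expected-service allow-list.

Added example for this flashcard; not code from the study guide. The nmap and
`ss -tlnp` excerpts are constructed samples, and EXPECTED_PORTS is an assumed
policy for a hypothetical web server."""
import re

# Constructed excerpt of `nmap -sV <host>` normal output (not a real scan).
NMAP_OUTPUT = """\
PORT     STATE SERVICE    VERSION
22/tcp   open  ssh        OpenSSH 8.9p1
80/tcp   open  http       nginx 1.22.1
3306/tcp open  mysql      MySQL 8.0.32
8080/tcp open  http-proxy
8443/tcp open  https-alt
"""

# Constructed excerpt of `ss -tlnp` on the same host (not real output).
# Note: nothing is listening on 8443, although the scan saw it open.
SS_OUTPUT = """\
State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0      128    0.0.0.0:22        0.0.0.0:*    users:(("sshd",pid=812,fd=3))
LISTEN 0      511    0.0.0.0:80        0.0.0.0:*    users:(("nginx",pid=1203,fd=6))
LISTEN 0      151    0.0.0.0:3306      0.0.0.0:*    users:(("mysqld",pid=1450,fd=21))
LISTEN 0      4096   0.0.0.0:8080      0.0.0.0:*    users:(("python3",pid=2999,fd=5))
"""

# Assumed allow-list: the only ports this host is supposed to expose.
EXPECTED_PORTS = {22, 80}

NMAP_OPEN = re.compile(r"^(\d+)/(tcp|udp)\s+open\s+(\S+)(?:\s+(.*))?$")
SS_LISTEN = re.compile(
    r"^LISTEN\s+\S+\s+\S+\s+\S+:(\d+)\s+\S+\s+users:\(\(\"([^\"]+)\",pid=(\d+)"
)


def parse_nmap(text):
    """Return {port: (service, version)} for each line nmap reports as open."""
    ports = {}
    for line in text.splitlines():
        m = NMAP_OPEN.match(line.strip())
        if m:
            ports[int(m.group(1))] = (m.group(3), (m.group(4) or "").strip())
    return ports


def parse_ss(text):
    """Return {port: (process name, pid)} for each listening socket in ss output."""
    listeners = {}
    for line in text.splitlines():
        m = SS_LISTEN.match(line.strip())
        if m:
            listeners[int(m.group(1))] = (m.group(2), int(m.group(3)))
    return listeners


def triage(nmap_text, ss_text, expected):
    """Classify every open port as expected, unexpected, or open with no local listener.

    The last case deserves attention: the scanner sees the port answering, but the
    host shows no owner, which points at a forwarding rule or something hiding from ss.
    """
    listeners = parse_ss(ss_text)
    findings = []
    for port, (service, version) in sorted(parse_nmap(nmap_text).items()):
        process, pid = listeners.get(port, (None, None))
        if port in expected:
            status = "expected"
        elif process is None:
            status = "open-but-no-local-listener"
        else:
            status = "unexpected"
        findings.append({"port": port, "service": service, "version": version,
                         "process": process, "pid": pid, "status": status})
    return findings


def ports_still_open(rescan_text, ports_to_close):
    """After acting on the findings, rescan and report which targeted ports remain open."""
    return sorted(set(ports_to_close) & set(parse_nmap(rescan_text)))


if __name__ == "__main__":
    for f in triage(NMAP_OUTPUT, SS_OUTPUT, EXPECTED_PORTS):
        print(f"{f['port']:>5}/tcp {f['status']:<28} {f['service']:<10} "
              f"{f['process'] or '-'} (pid {f['pid'] or '-'})")
```

On a real host you would feed the script the actual `nmap -sV` and `ss -tlnp` output; the allow-list is the decision you make after examining each service, and ports_still_open is the rescan the answer calls for.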
Which of the following is a vulnerability assessment tool? A. John the Ripper B. AirSnort C. Nessus D. Cain & Abel
C. Nessus is a vulnerability assessment tool. AirSnort recovers WEP keys from captured wireless traffic. John the Ripper and Cain & Abel are password cracking programs.
You are a consultant for an IT company. Your boss asks you to determine the topology of the network. What is the best device to use in this circumstance? A. Network mapper B. Protocol analyzer C. Port scanner D. A vulnerability scanner
A. A network mapper is the best tool to use to determine the topology of the network and to find out what devices and computers reside on that network. An example of this would be LAN Surveyor.
Which of the following can enable you to find all the open ports on an entire network? A. Protocol analyzer B. Network scanner C. Firewall D. Performance monitor
B. A network scanner is a port scanner that sweeps many hosts at once, so it finds the open ports across the whole network rather than on a single computer. A protocol analyzer is used to delve into packets. A firewall protects a network, and a performance monitor is used to create baselines for and monitor a computer.
What can hackers accomplish using malicious port scanning? A. “Fingerprint” of the operating system B. Topology of the network C. All the computer names on the network D. All the usernames and passwords
A. A malicious port scan reveals which ports, and therefore which services, a host exposes. The pattern of open ports, together with service banners and the way the TCP/IP stack responds to probes, lets the attacker infer the operating system; this is known as taking the "fingerprint" of the operating system (nmap's -O option does exactly this). Port scanning by itself does not map the topology of the network and does not reveal computer names, usernames, or passwords.
Many companies send passwords via clear text. Which of the following can view these passwords? A. Rainbow Table B. Port scanner C. John the Ripper D. Protocol analyzer
D. A protocol analyzer can delve into the packets sent across the network and determine whether those packets contain clear-text passwords. Rainbow tables and John the Ripper deal with cracking passwords that were previously hashed; they are not needed if the password was sent in clear text, because it can simply be read from the capture. Port scanners scan computers for any open ports.
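What "reading the password from the capture" amounts to, as an added example that is not code from the study guide: the check a protocol analyzer's display filter automates (in Wireshark, ftp.request.command == "PASS" or http.authorization), applied to reassembled stream payloads. The payloads below are constructed samples, not a real capture, and the standard-port mapping is an assumption.

```python
"""Find clear-text credentials in captured application traffic.

Added example, not from the study guide. The payloads below are constructed
samples standing in for reassembled TCP stream data; no real capture is used."""
import base64
import re

# Constructed samples: (source IP, destination port, payload bytes).
SAMPLE_PAYLOADS = [
    ("10.0.0.5", 21, b"USER alice\r\n"),
    ("10.0.0.5", 21, b"PASS Winter2024!\r\n"),
    ("10.0.0.7", 80, b"GET /admin HTTP/1.1\r\nHost: intranet\r\n"
                     b"Authorization: Basic Ym9iOmh1bnRlcjI=\r\n\r\n"),
    ("10.0.0.9", 110, b"USER carol\r\n"),
    ("10.0.0.9", 110, b"PASS letmein\r\n"),
    ("10.0.0.5", 443, b"\x16\x03\x01\x00\xa5\x01\x00\x00\xa1\x03\x03"),  # TLS record: opaque
    ("10.0.0.11", 21, b"PASS orphan\r\n"),  # PASS with no preceding USER: ignored
]

# Assumption: the USER/PASS protocols are running on their standard ports.
USERPASS_PROTOCOLS = {21: "ftp", 110: "pop3"}
BASIC_AUTH = re.compile(r"^Authorization:\s*Basic\s+([A-Za-z0-9+/=]+)\s*$", re.I | re.M)


def decode_basic(token):
    """Decode an HTTP Basic token into (user, password), or None if it is malformed."""
    try:
        raw = base64.b64decode(token, validate=True).decode("utf-8")
    except (ValueError, UnicodeDecodeError):
        return None
    user, sep, password = raw.partition(":")
    return (user, password) if sep else None


def find_credentials(payloads):
    """Walk payloads in capture order and return every clear-text credential seen.

    FTP and POP3 send USER and PASS as separate commands, so the username is held
    per (source, port) until the matching PASS arrives. Binary payloads such as TLS
    records are skipped: encryption is exactly what defeats this recovery.
    """
    findings = []
    pending_user = {}
    for src, dport, payload in payloads:
        try:
            text = payload.decode("ascii")
        except UnicodeDecodeError:
            continue
        proto = USERPASS_PROTOCOLS.get(dport)
        if proto:
            for line in text.splitlines():
                verb, _, arg = line.strip().partition(" ")
                if verb.upper() == "USER":
                    pending_user[(src, dport)] = arg
                elif verb.upper() == "PASS" and (src, dport) in pending_user:
                    findings.append({"src": src, "proto": proto,
                                     "user": pending_user.pop((src, dport)),
                                     "password": arg})
        elif dport == 80:
            for m in BASIC_AUTH.finditer(text):
                creds = decode_basic(m.group(1))
                if creds:
                    findings.append({"src": src, "proto": "http-basic",
                                     "user": creds[0], "password": creds[1]})
    return findings


if __name__ == "__main__":
    for f in find_credentials(SAMPLE_PAYLOADS):
        print(f"{f['src']:<10} {f['proto']:<10} {f['user']}:{f['password']}")
```

HTTP Basic is only base64-encoded, not encrypted, which is why it counts as clear text here; the TLS sample shows the contrast, since nothing readable can be pulled from an encrypted record.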
Which of the following persons is ultimately in charge of deciding how much residual risk there will be? A. Chief security officer B. Security administrator C. Senior management D. Disaster Recovery Plan coordinator
C. Residual risk is the risk left over after a security and disaster recovery plan have been implemented. There is always risk, because a company cannot possibly foresee every future event, nor can it secure against every single threat. Senior management as a collective whole is ultimately responsible for deciding how much residual risk there will be in a company’s network. No one person should be in charge of this, but it should be decided on as a group. If the group decides that residual risk is too high, the group might decide to get insurance in addition to its security plan. The security administrator is in charge of finding and removing risks to the network and systems and should mitigate risks if possible. The disaster recovery plan (DRP) coordinator usually assesses risks and documents them, along with creating strategies to defend against any disastrous problems that might occur from that risk, but that person does not decide on the amount of acceptable residual risk to a company.
To show risk from a monetary standpoint, which of the following should risk assessments be based upon?
A. Survey of loss, potential threats, and asset value
B. Quantitative measurement of risk, impact, and asset value
C. Complete measurement of all threats
D. Qualitative measurement of risk and impact
B. When risk must be expressed in dollars, the assessment is quantitative: it assigns each asset a value (AV), estimates the exposure factor (EF, the fraction of the asset lost per incident) and the annualized rate of occurrence (ARO), and from these computes the single loss expectancy (SLE = AV × EF) and the annualized loss expectancy (ALE = SLE × ARO). A qualitative assessment ranks risk and impact on scales such as low, medium and high and does not produce a monetary figure.
The main objective of risk management in an organization is to reduce risk to a level __________. (Fill in the blank.) A. The organization will mitigate B. Where the ARO equals the SLE C. The organization will accept D. Where the ALE is lower than the SLE
C. The main objective of risk management is to reduce risk to a level that the organization or company will accept; the risk that remains at that point is the residual risk. Mitigation is the act of reducing a risk, usually by adding controls, and is a means to that goal rather than the goal itself. ARO, SLE and ALE are quantities used to measure risk, and the comparisons in the other options are not meaningful targets: ARO is a rate per year while SLE is a dollar amount, and ALE is lower than SLE whenever an event is expected less than once a year.
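The quantitative arithmetic from the previous flashcard, carried through to the decision this one describes, as an added example that is not from the study guide: compute SLE and ALE for a scenario, then pick the cheapest control whose residual ALE falls within the level management has said it will accept. The asset value, exposure factor, rates, control costs and risk appetite are constructed illustrative figures.

```python
"""Quantitative risk assessment: SLE, ALE, and choosing a control that brings
residual risk within the accepted level.

Added example, not from the study guide. All figures are constructed for
illustration; the scenario and controls are hypothetical."""


def single_loss_expectancy(asset_value, exposure_factor):
    """SLE = AV x EF, where EF is the fraction of the asset lost per incident (0..1)."""
    if not 0.0 <= exposure_factor <= 1.0:
        raise ValueError("exposure factor must be a fraction between 0 and 1")
    return asset_value * exposure_factor


def annualized_loss_expectancy(sle, aro):
    """ALE = SLE x ARO; ARO is incidents per year and may be fractional (0.1 = once a decade)."""
    if aro < 0:
        raise ValueError("annualized rate of occurrence cannot be negative")
    return sle * aro


# Constructed scenario: a customer database (hypothetical figures).
SCENARIO = {
    "asset_value": 500_000.0,   # AV in dollars
    "exposure_factor": 0.4,     # EF: 40% of the asset's value lost per breach
    "aro": 0.5,                 # ARO: one breach every two years
}

# Constructed candidate controls: annual cost and the ARO each is expected to leave.
CONTROLS = [
    {"name": "do nothing", "annual_cost": 0.0, "aro_after": 0.5},
    {"name": "quarterly vuln scans + patch SLA", "annual_cost": 15_000.0, "aro_after": 0.2},
    {"name": "scans + MFA + DLP", "annual_cost": 60_000.0, "aro_after": 0.05},
]

# Assumed risk appetite: the residual ALE senior management has agreed to accept.
ACCEPTABLE_ALE = 50_000.0


def evaluate(scenario, controls):
    """Return (SLE, ALE before controls, per-control rows with residual ALE and net benefit).

    Net benefit = (ALE before - ALE after) - annual cost of the control; a negative
    value means the control costs more per year than the loss it prevents.
    """
    sle = single_loss_expectancy(scenario["asset_value"], scenario["exposure_factor"])
    ale_before = annualized_loss_expectancy(sle, scenario["aro"])
    rows = []
    for c in controls:
        residual = annualized_loss_expectancy(sle, c["aro_after"])
        rows.append({"name": c["name"], "annual_cost": c["annual_cost"],
                     "residual_ale": residual,
                     "net_benefit": (ale_before - residual) - c["annual_cost"]})
    return sle, ale_before, rows


def choose_control(scenario, controls, acceptable_ale):
    """Cheapest control whose residual ALE is at or below the accepted level, or None.

    None means no listed control reaches the accepted level, which is the signal to
    look for stronger controls, transfer the risk (insurance), or revisit the appetite.
    """
    _, _, rows = evaluate(scenario, controls)
    candidates = [r for r in rows if r["residual_ale"] <= acceptable_ale]
    if not candidates:
        return None
    return min(candidates, key=lambda r: r["annual_cost"])["name"]


if __name__ == "__main__":
    sle, ale, rows = evaluate(SCENARIO, CONTROLS)
    print(f"SLE = ${sle:,.0f}   ALE before controls = ${ale:,.0f}")
    for r in rows:
        print(f"{r['name']:<34} cost ${r['annual_cost']:>9,.0f}  "
              f"residual ALE ${r['residual_ale']:>9,.0f}  net ${r['net_benefit']:>9,.0f}")
    print("chosen:", choose_control(SCENARIO, CONTROLS, ACCEPTABLE_ALE))
```

Note that the control with the largest net benefit is not necessarily the one chosen: the selection is driven by the accepted level, which is management's decision, and only then by cost.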
Why would a security administrator use a vulnerability scanner? (Select the best answer.) A. To identify remote access policies B. To analyze protocols C. To map the network D. To find open ports on a server
D. The best answer for why a security administrator would use a vulnerability scanner is to find open ports on a particular computer. A vulnerability scanner does more than that (it also checks the services behind those ports for known vulnerabilities and misconfigurations), but of the options listed it is the best answer; mapping the network and analyzing protocols are jobs for a network mapper and a protocol analyzer.