Conducting Vulnerability Assessments

Question 1

Pre-assessmet Checklist

Answer 1

• Scope of project
• Identify assessment team
• Establish applicable standards
• Select site(s)
• Dates and logistics
• The team needs EPP ?
• Ground rules
• Gather and review existing documentation
• Research known vulnerabilities
• Prepare for kickoff

Question 2

Passive Data Collection Includes:

Answer 2

• Windows system information
• Log files
• Firewall, router and switch configuration files
• Network packet captures

Question 3

Advanced Windows System Information Tools

Answer 3

• SIW
• Priority Speccy
• AIDA
• ASTRA
• PC Wizard

Question 4

Sniffing Ethernet

Answer 4

Sniffing the ethernet is a term used to describe the passive collection of data in packet capture programs.

Question 5

PORT Mirroring

Answer 5

Also known as SPAN (Switched Port Analyzer), is a method of monitoring network traffic. With port mirroring enabled, the switch sends a copy of all network packets seen on one port to another port, where the packet can be analyzed.

Question 6

RSPAN

Answer 6

Remote Switched Port Analyzer

Question 7

Popular network capturing tools

Answer 7

• Whireshark
• Colasoft
• TCP Dump
• NetworkMiner
• Microsoft Network Monitor

Question 8

Packet capturing Goals

Answer 8

• Identify what devices talk to what
• Identify the protocols on the network
• Detect unexpected or unusual traffic
• Recognize messages with clear-text payloads
• Troubleshooting

Question 9

Network Vulnerability Scanning Tools

Answer 9

• Nessus
• Nexpose
• OpenVas
• Qualsys

Question 10

Metasploit, Kali LInux and Canvas are tools for:

Answer 10

Penetration Testing

Question 11

What are the different types of vulnerability assessment?

Answer 11

1. High-level GAP Assessments
2. Passive Vulnerability Assessments
3. Active Vulnerability Assessments
4. Penetration Testing

Question 12

What are the different types of vulnerability assessment?

Answer 12

1. High-level GAP Assessments
2. Passive Vulnerability Assessments
3. Active Vulnerability Assessments
4. Penetration Testing

Question 13

What is the puprose of a packet capture utility?

Answer 13

• Identify what devices talk to what
• Identify protocols on the network
• Detect unexpected or unusual traffic
• Recognize messages with clear-text payloads
• Troubleshooting

Question 14

What is port mirroring?

Answer 14

Is an approach to monitoring network traffic that involves forwarding a copy of each packet from one network switch port to another.

Question 15

What type of tool is used to capture and display Ethernet communications?

Answer 15

Packet Capture

Question 16

A feature that sends a copy of a network from one or more switch ports to a special monitoring port is called:

Answer 16

Port mirroring

Question 17

Which term is used to describe the passive collection of data in packet capture programs?

Answer 17

Sniffing the Ethernet

Question 18

Which computer program assesses computers, computer system, networks or applications for weaknesses against databases known vulnerabilites?

Answer 18

Network Vulnerability Scanning Tool

Question 19

Which is an approach to monitoring network traffic that involves forwarding a copy of each data packet from one network switch port to another?

Answer 19

Port Mirroring