Module 38 - Security Assessment - Q&A Flashcards
Which of the following types of assessments is designed to tell you what potential negative events may affect the vulnerabilities of a system? A. Vulnerability scan B. Threat assessment C. Penetration test D. Impact assessment
B. A threat assessment is used to determine the possible negative events that can target the vulnerabilities on a system.
Which of the following are appropriately matched? ( Choose two.) A. Threat and likelihood B. Vulnerability and likelihood C. Risk and threat D. Vulnerability and impact
A, D. In risk assessments, the likelihood of a threat is determined, as well as a vulnerability and its impact if exploited.
Your manager wants you to attempt to determine what security vulnerabilities may be present in an application before it goes into production. You're to take the application directly from the programmers and go through the program itself. Which of the following assessment techniques will you use? A. Architecture review B. Design review C. Code review D. Port scan
C. Code review is an appropriate assessment technique in this case, since you are looking at the program itself before it goes into production.
Which of the following types of assessments actually exploits weaknesses found in a system? A. Code review B. Architecture review C. Vulnerability test D. Penetration test
D. A penetration test is designed to exploit any vulnerabilities found in a system.
You are performing a penetration test and are given only some basic information on the target system, including its IP address range and a basic network diagram. What type of penetration tests is this considered to be? A. Gray box test B. Black box test C. White box test D. Double-blind test
A. A gray box test is one in which the tester is given only limited information on the target network.
A security testing tool that does not interfere with the operation of the system or network at all is considered: A. Active B. Passive C. Less accurate D. Easily detectable
B. A passive tool does not interfere with the operation or performance of the system or network.
Which of the following tools can be used to capture network traffic for analysis? A. Vulnerability scanner B. Port scanner C. Sniffer D. Honeynet
C. A sniffer is used to capture network traffic for later analysis.
Which of the following tools would be used to determine what active ports, protocols, and services are running on a host on the network? A. Wireshark B.Nmap C. Honeypot D. Banner Grabber
B. Nmap is a popular port scanning tool used to determine what active ports, protocols, and services are running on a network host.
You’ve just finished scanning your network with a vulnerability scanning tool, and the tool reports several strange vulnerabilities for software you do not have installed on that system. What should you do to verify that those vulnerabilities actually exist on the host?
A. Run a different vulnerability scanner on the same system and compare the results.
B. Assume that all the vulnerabilities are valid and immediately start to remediate them.
C. Assume that all vulnerabilities reported by the tool are invalid and that the system is secure.
D. Rerun the same vulnerability scanner over and over on the system to see if you get different results.
A. You should run a different vulnerability scanner on the same system and compare the results to see if the second scanner confirms or disputes the results of the first.
Which of the following is considered a dangerous type of finding because it can actually mean that a potential security vulnerability goes undetected? A. False positive B. False negative C. False flag D. False scan
B. A false negative can mean that an actual vulnerability goes undetected.