Week 3 - Q's Flashcards
What is the first step of the vulnerability management?
A. Monitoring network traffic.
B. Installing antivirus software.
C. Asset discovery and mapping.
D. Installing a firewall.
C. Asset discovery and mapping.
Why might Nmap (active scan) not be suitable for ICS/OT networks?
A. It’s too expensive.
B. It generates network traffic that can impact legacy ICS devices.
C. It could slow down the network and controlled process.
D. It is only suitable for Windows systems.
B. It generates network traffic that can impact legacy ICS devices.
What type of discovery is preferred in ICS environments?
A. Active discovery with lots of traffic.
B. Discovery using NMap.
C. Passive discovery.
D. No discovery at all.
C. Passive discovery.
Why is it essential for ethical hackers to conduct reconnaissance within legal and ethical bounds?
A. To gain unauthorized access.
B. Because reconnaissance is not important.
C. Unauthorized access or probing beyond publicly available information is illegal and unethical.
D. To use NMap indiscriminately.
C. Unauthorized access or probing beyond publicly available information is illegal and unethical.
What is your team expected to do before performing an active scan?
A. Request permission.
B. Make sure no other team is actively engaged with the system.
C. Signal our active engagement.
D. All of the above.
D. All of the above. (Request permission, make sure no other team is actively engaged with the system, and signal your active engagement)
