ISOL 533 -Which of the following statements is true regarding

ISOL 533 -Which of the following statements is true regarding
Question 1
Which of the following statements is true regarding the use of service patches?
Service patches are an ineffective means of fixing a server’s vulnerability.
Applying a patch to a server guarantees that a risk has been mitigated.
The system administrator has no way of verifying that the patch has raised the version number.
The system administrator can directly test a patch’s effectiveness to assure that the vulnerability is closed.
10 points
Question 2
In the Lab 5 Nmap Scan Report, what was the total number of loaded scripts for scanning?
4
36
72
100
10 points
Question 3
In the Lab 5 Nmap Scan Report, what is the source IP address of the Cisco Adaptive Security Appliance device?
172.16.20.1
172.17.20.1
172.20.20.1
172.30.0.1
10 points
Question 4
The Nmap operator can infer what services are running by knowing:
potential attackers motives.
what specific ports are listening.
what vulnerabilities are being targeted.
the patches that are currently available.
10 points
Question 5
Which of the following has one purpose: to send crafted packets to a targeted Internet Protocol (IP) address to determine what ports are listening for connections?
Nessus
CVE
Nmap
Cisco ASA
10 points
Question 6
Which of the following would a person with malicious intent use to research what vulnerabilities to exploit?
Nessus
CVE
Nmap
Cisco ASA
10 points
Question 7
In the Lab 5 Nessus Vulnerability Scan Report, how many IP hosts were identified in the Scan Report?
1
5
7
13
10 points
Question 8
In the Lab 5 Nessus Vulnerability Scan Report, how many of the vulnerabilities found on the 172.16.20.1 host were ranked “critical”?
1
2
4
10 points
Question 9
In the Lab 5 Nessus Vulnerability Scan Report, how many of the vulnerabilities found on the 172.16.20.1 host were ranked “high”?
1
6
9
10 points
Question 10
In the Lab 5 Nessus Vulnerability Scan Report, how many open ports were found on the 172.30.0.10 host?
2
5
22
37
10 points
Question 11
In the Lab 5 Nessus Vulnerability Scan Report for the 172.30.0.10 host, the first vulnerability found was: MS08-067 Microsoft Windows Server Service Crafted RPC Request Handling Remote Code Execution (958644) (uncredentialed check). What solution was provided for this vulnerability?
Disable this service if you do not use it.
Filter out the ICMP timestamp requests (13), and the outgoing ICMP timestamp replies (14).
Access this device and set a password using ‘enable secret’.
Microsoft has released a set of patches for Windows 2000, XP, 2003, Vista and 2008.
10 points
Question 12
Which of the following would produce more benefit from Nessus plug-ins?
Update the plug-ins on install.
Use only the default setting for updating the plug-ins.
Do not make any updates to the plug-ins.
Disable all plug-ins.
10 points
Question 13
Which of the following statements is true regarding Nessus?
It is difficult to install and run.
It is cost-prohibitive for home use.
Very few plug-ins are available for it.
Reporting can be detailed and customized.
10 points
Question 14
As a vulnerability scanner, __________ scans the networked devices for potential weaknesses and exploitable services.
Nessus
CVE
Nmap
Cisco ASA
10 points
Question 15
Which of the following can be used as a compliance tool by loading a configuration file and then scanning the network to verify compliance against your end devices?
Nessus
CVE
Nmap
Cisco ASA
10 points
Question 16
Which of the following is a free, publicly available list or dictionary of standard identifiers for common computer vulnerabilities and exposures?
Nessus
CVE
Nmap
Cisco ASA
10 points
Question 17
What does the acronym CVE stand for?
Common Vulnerabilities and Exposures
Certified Vulnerability Enterprise
Central Vulnerability Exposures
Center for Vulnerabilities and Exposures
10 points
Question 18
According to CVE, which of the following is a mistake in software that can be directly used by a hacker to gain access to system or network?
Threat
Vulnerability
Exposure
Risk
10 points
Question 19
According to CVE, which of the following is a system configuration issue or a mistake in software that allows access to information or capabilities that can be used by a hacker as a stepping-stone into a system or network?
Threat
Vulnerability
Exposure
Risk
10 points
Question 20
The letters “ASA” in the Cisco ASA 5505 Security products stand for:
Augmented Server Apparatus.
Assessment Scanner Administration.
Adaptive Security Appliance.
Authorized Service Application.

 

"Is this question part of your assignment? We Can Help!"

Essay Writing Service