SophiaPretty

(5)

$14/per page/Negotiable

About SophiaPretty

Levels Tought:
Elementary,Middle School,High School,College,University,PHD

Expertise:
Accounting,Algebra See all
Accounting,Algebra,Applied Sciences,Architecture and Design,Art & Design,Biology,Business & Finance,Calculus,Chemistry,Communications,Computer Science,Economics,Engineering,English,Environmental science,Essay writing Hide all
Teaching Since: Jul 2017
Last Sign in: 305 Weeks Ago
Questions Answered: 15833
Tutorials Posted: 15827

Education

  • MBA,PHD, Juris Doctor
    Strayer,Devery,Harvard University
    Mar-1995 - Mar-2002

Experience

  • Manager Planning
    WalMart
    Mar-2001 - Feb-2009

Category > Computer Science Posted 19 Oct 2017 My Price 10.00

Assist with questions listed on document. Thank you.

  1. When implementing a Vulnerability Management Program, in addition to the practice of identifying, classifying, remediating, and mitigating vulnerabilities, which other aspect is

critical?       

 

Cylindrical

 

Reproducible

 

Critical

 

Cyclical

 

 

  1. Which of thefollowing considerations causes the most concern for security:

 

Cost

 

Flat Network Configurations

 

Defense-In-Depth

 

Software

 

 

  1. Standard configurations cause problems, because a flaw in the standard is fixed in all

systems on which it is released.   

 

True

 

False

 

 

  1. An effective VM program cannot exist without management and business support

 

True

 

False

 

 

  1. Which of these is not a common, industry-accepted approach to vulnerability management technology?

 

Snooping

 

Active Scanning

 

Agents

 

Passive Assessment

 

 

  1. Active Scanning uses software that generates and sends packets on the network to hide the

activities of hackers.     

 

True

 

False

 

 

  1. Which one is a problem with Active Scanning?

 

Highly Scalable

 

Can provide incremental information regardless of platform support

 

Potentially support any network device

 

Targets have to be on the network or they are not scanned

 

 

 

 

 

 

 

  1. Which of the following should not be considered when reviewing a VM Solution?

 

Report Progress

 

Accurately Detect Vulnerabilities

 

Exploiting Vulnerabilities

 

Track Remediation Status

 

 

  1. Which of the following is not part of the Vulnerability Handling?

 

Misuse

 

Detect

 

Remediate

 

Analyze

 

 

  1. Understanding systems classification is important so that resources for the VM process can

appropriately be allocated.     

 

True

 

False

 

 

  1. Discovery reports give the ability to identify resources. Which of the following is not a goal of a Discovery Report?     

 

To identify the targets that are in the environment

 

To identify the kinds of targets/operating systems that exist

 

To identify the configurations of the various targets

 

To identify the value of the targets

 

 

  1. When generating a report, it is often beneficial to ignore the architecture of the systems to remove the criticality of a particular system from the decision making process

 

True

 

False

 

 

  1. Which of the following are useful VM reports (Select All that Apply):

 

Configuration Vulnerabilities by Operational Area

 

Vulnerabilities per Application

 

Configurations Vulnerabilities discovered vs. Remediated by severity and/or Type

 

Vulnerabilities by Severity across Operational Area

 

 

  1. Which is not a typical section to be added to the VM Project's Charter?

 

Scan Results

 

Introduction: Business Value

 

Goal and Objectives

 

Scope

 

 

 

 

 

  1. The RFP should not include which of the following:

 

Competitor Information

 

Size Requirements

 

Existing Processes

 

Operating Environment

 

 

 

  1. When reviewing a Risk-Based strategy for scanning, which systems should not be

considered for scanning?     

 

Public Facing DMZs

 

Communication Systems

 

User Desktops

 

Mission-Critical Systems

 

 

  1. Strategic vulnerabilities should address with all but which one of the following?

 

Re-evaluate the operating environment

 

Review Internal vulnerabilities

 

Manage external factors

 

Review external vulnerabilities

 

 

  1. When reviewing the Operational Environment, which of the following External Business

Requirements should be reviewed?     

 

Number of Solutions

 

The Corporate Web site

 

Government Regulations

 

Corporate Policies

 

 

  1. When analyzing the weakness and strength of the infrastructure, which of the following needs to be taken into consideration?

 

Separate the system architecture into segregated networks for protection

 

Having complex and single solution at the perimeter that can protect all systems

 

Internet facing systems should are not targets

 

A DoS attack is difficult to complete

 

 

  1. When trying to understand the attack, and focusing on the goal versus the objective of the attack which is not considered?

 

Alter the nature of the asset to diffuse the vulnerability

 

Find ways in the marketing process that a competitor might discover that your processes or methods are somehow flawed or inferior

 

Consider the impact of any data breach

 

Minimize logical concentration points of data

 

 

 

 

 

 

 

  1. What is the most important step to take prior to performing any audit or penetrations

testing?         

 

Conduct a thorough analysis of the organization’s internet facing servers.

 

Use a public internet connection to perform your footprinting steps of the organization.

 

Get permission in writing to perform the audit or penetration test.

 

Run a scan against the company’s firewalls to ensure that it is configured properly.            

 

 

  1. How can you determine which systems are alive on the network?

 

Check for power on each machine.

 

Use netcat to connect to the servers through port 458.

 

Ask the target site through social engineering tactics which IP’s are active for their associated network ranges.

 

Run a ping sweep of the network.

 

 

  1. Nessus is a VM Tool that is a closed tool and does not allow for custom scan

configurations.    This allows Tenable Security to maintain product integrity.     

 

True

 

False

 

 

  1. Metasploit allows you to scan networks and detect vulnerabilities as well as exploit them.

 

True

 

False

 

 

  1. Burp Suite offers all but which of the following capabilities?

 

Proxy

 

Remediation

 

Scanning

 

Spidering

 

 

Attachments:

Answers

SophiaPretty
(5)
Status NEW Posted 19 Oct 2017 10:10 AM My Price 10.00

-----------  ----------- H-----------ell-----------o S-----------ir/-----------Mad-----------am ----------- Th-----------ank----------- yo-----------u f-----------or -----------you-----------r i-----------nte-----------res-----------t a-----------nd -----------buy-----------ing----------- my----------- po-----------ste-----------d s-----------olu-----------tio-----------n. -----------Ple-----------ase----------- pi-----------ng -----------me -----------on -----------cha-----------t I----------- am----------- on-----------lin-----------e o-----------r i-----------nbo-----------x m-----------e a----------- me-----------ssa-----------ge -----------I w-----------ill----------- be----------- qu-----------ick-----------ly

Not Rated(0)