SophiaPretty

Category > Computer Science Posted 19 Oct 2017 My Price 10.00

Assist with the following attached Word document for questions.

  1. When implementing a Vulnerability Management Program, in addition to the practice of identifying, classifying, remediating and mitigating vulnerabilities, which other aspect is critical?
       • Cylindrical
       • Reproducible
       • Critical
       • Cyclical

  2. Methods to Handle Risk include all but which one of the following:
       • Accept
       • Reduce
       • Mitigate
       • Negotiate

  3. Compliance may not bring real security to an organization. Which is NOT a compliance requirement?
       • SOX
       • GLB
       • PCI
       • SDL

  4. Three factors have made vulnerability exposure more difficult to recognize. Which is NOT a factor?
       • Identification
       • Compromise
       • Availability
       • Exploitation

  5. Management has direct liability in certain States concerning vulnerabilities. California Law requires "business to notify residents whose personal information has been acquired by unauthorized persons." This law is:
       • California Civil Code 1798
       • Protection and Rights Act (1998)
       • California Civil Code 1600
       • California Civil Code 2010

  6. A compulsory objective would be:
       • Market share
       • Sales goal
       • Insurance
       • Reputation

  7. What is the most important step to take prior to performing any audit or penetration testing?
       • Conduct a thorough analysis of the organization's internet facing servers.
       • Use a public internet connection to perform your footprinting steps of the organization.
       • Get permission in writing to perform the audit or penetration test.
       • Run a scan against the company's firewalls to ensure that they are configured properly.

  8. What is the function of wget?
       • Alternative to FTP
       • Backup a website
       • Copy a website's HTML code
       • Secure a website

  9. Which is a good source for footprinting a publicly traded organization?
       • VIAM
       • FINDER
       • EDGAR
       • ICANN

  10. ICANN coordinates all except:
       • Internet domain names
       • Port numbers
       • IP addresses
       • MAC addresses

  11. The National Internet Registry for North America and South America is:
       • APNIC
       • RIPE
       • LACNIC
       • ARIN

  12. TRACEROUTE uses which one of the following protocols:
       • SSH
       • ICMP
       • DNS
       • TCP

  13. Which generic participant classes participate in a VM program? (Choose two that apply)
       • Contributing Role
       • Operational Role
       • Vulnerability Role
       • Restructuring Role

  14. Which is NOT a program phase during the development cycle?
       • Concept
       • Policy
       • Design
       • Charter

  15. A specific operational role that is responsible for assuring the correct configuration and operation of technology is:
       • Compliance Manager
       • Vulnerability Manager
       • Change Manager
       • Incident Manager

  16. The compliance organization uses the following data to verify compliance, except:
       • Current operations documentation
       • VM policies
       • Scan results
       • Process documentation

  17. How can you determine which systems are alive on the network?
       • Check for power on each machine.
       • Use netcat to connect to the servers through port 458.
       • Ask the target site through social engineering tactics which IPs are active for their associated network ranges.
       • Run a ping sweep of the network.

  18. A comprehensive ping sweep using nmap -sn uses the following protocols except:
       • DNS
       • TCP
       • ICMP
       • ARP

  19. Banner grabbing is:
       • Analyzing warning banners.
       • Verifying copyright notices.
       • Connecting to remote services and observing output.
       • Verifying hardware cautions.

  20. A disadvantage to the Passive Network Analysis model is:
       • It does not interact with the network to discover hosts and vulnerabilities.
       • Discovery is continuous.
       • Limited visibility into vulnerabilities.
       • Little to no testing is required.

  21. Which one is not an advantage of Active Scanning?
       • Highly Scalable
       • Can provide incremental information regardless of platform support
       • Potentially support any network device
       • Targets have to be on the network or they are not scanned

  22. With most hardware based appliances, scanners report back to a central server using all except:
       • Polling
       • Reverse polling
       • On-demand connection
       • Tokens

  23. Agents have the following disadvantages, except:
       • They may conflict with other applications.
       • They cannot be used on embedded systems.
       • They do not operate over the network.
       • They may not have sufficient privileges.

  24. For local users in a WINDOWS environment, hashed passwords are kept in which database?
       • Active Directory
       • Passwd File
       • Security Accounts Manager
       • Domain Controller

  25. For users in a UNIX environment, passwords are kept in which file?
       • SAM
       • NFS
       • HOME
       • Shadow

  26. A tool that can create a back door to a system is:
       • netcat
       • ICMP
       • DNSsniffer
       • ARPreader

  27. Which of the following is not a choice when considering a VM Solution?
       • Accurately Detect Vulnerabilities
       • Report Progress
       • Track Remediation Status
       • Exploiting Vulnerabilities

  28. The Vulnerability Handling Process includes all but which one of the following?
       • Detect
       • Exploit
       • Remediate
       • Analyze

  29. The first step in deploying physical scanners is to:
       • Evaluate the scope
       • Assign responsibilities for scanner process
       • Develop a deployment policy
       • Select a central location to which all scanners will report

  30. The following are steps for deploying agents, except:
       • Install on active workstations
       • Install agents on domain controllers
       • Install agents on all devices in a network
       • Change rights and privileges of agents

  31. Metasploit allows you to scan networks and detect vulnerabilities as well as exploit them.
       • True
       • False

  32. In WINDOWS, to elevate privileges, you can use:
       • arp
       • getadmin
       • CAIN
       • pwdump

  33. In UNIX, one uses which file to find encrypted passwords?
       • passwd
       • Active Directory
       • SAM
       • shadow

Assignment Objectives

  • Create 5 multiple choice questions from chapters 1 - 5 (no repeats from quiz questions submitted)


© 2017 Colorado Technical University - Colorado Springs.
  All Rights Reserved. Authorized Users Only.

 


Answers

Status NEW Posted 19 Oct 2017 01:10 PM My Price 10.00

Hello Sir/Madam Thank you for your interest and buying my posted solution. Please ping me on chat I am online or inbox me a message I will be quickly
