What can hackers accomplish using malicious port scanning?

“Fingerprint” of the operating system

All the computer names on the network

All the usernames and passwords

Which of the following persons is ultimately in charge of deciding how much residual risk there will be?

Disaster recovery plan coordinator

To show risk from a monetary standpoint, which of the following should risk assessments be based upon?

Quantitative measurement of risk, impact, and asset value

Survey of loss, potential threats, and asset value

Complete measurement of all threats

Qualitative measurement of risk and impact

The main objective of risk management in an organization is to reduce risk to a level _____________. (Fill in the blank.)

Where the ALE is lower than the SLE

Why would a security administrator use a vulnerability scanner? (Select the best answer.)

To identify remote access policies

Why do hackers often target nonessential services? (Select the two best answers.)

Often they are not configured correctly, They are not monitored as often.

They are not monitored as often, They are not used.

They are not used, They are not monitored by an IDS.

They are not monitored by an IDS, Often they are not configured correctly

Which of the following is a technical control?

Baseline configuration development

Categorization of system security

Which of the following is a management control?

Baseline configuration development

What is the best action to take when you conduct a corporate vulnerability assessment?

Organize based on severity and asset value

Document your scan results for the change control board

Examine vulnerability data with a network sniffer

Why should penetration testing only be done during controlled conditions?

Because penetration testing actively tests security controls and cancause system instability.

Because vulnerability scanners can cause network flooding.

Because white-box penetration testing cannot find zero-day attacks.

Because penetration testing passively tests security controls and can cause system instability.

Chapter 11. Vulnerability and Risk Assessment Quiz

30 questions

Show all answers

1.

MULTIPLE CHOICE QUESTION

2 mins • 1 pt

Which type of vulnerability assessments software can check for weak passwords on the network?

Wireshark

Antivirus software

Performance monitor

A password cracker

2.

MULTIPLE CHOICE QUESTION

2 mins • 1 pt

You are contracted to conduct a forensic analysis of the computer. What should you do first?

Backu up the system

Analyze the files

Scan for viruses

Make changes to the operating system

3.

MULTIPLE CHOICE QUESTION

2 mins • 1 pt

Which of the following has schemas written in XML?

OVAL

3DES

WPA

PAP

4.

MULTIPLE CHOICE QUESTION

2 mins • 1 pt

Russ is using only documentation to test the security of a system. What type of testing methodology is this known as?

Active security analysis

Passive security analysis

Hybrid security analysis

Hands-on security analysis

5.

MULTIPLE CHOICE QUESTION

2 mins • 1 pt

Of the following, which is the best way for a person to find out what security holes exist on the network?

Run a port scan

Use a network sniffer

Perform a vulnerability assessment

Use an IDS solution

6.

MULTIPLE CHOICE QUESTION

2 mins • 1 pt

After using Nmap to do a port scan of your server, you find that several ports are open. Which of the following should you do next?

Leave the ports open and monitor them for malicious attacks.

Run the port scan again.

Close all ports.

Examine the services and/or processes that use those ports.

7.

MULTIPLE CHOICE QUESTION

2 mins • 1 pt

Which of the following is a vulnerability assessment tool?

John the Ripper

Aircrack-ng

Nessus

Cain & Abel

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

25 questions

Pre-Test Training Dec.2021

Quiz

•

KG - Professional Dev...

25 questions

HNI Quiz 1

Quiz

•

3rd Grade - Professio...

25 questions

Layering Models

Quiz

•

University

25 questions

Tax Accounting: Vocabulary

Quiz

•

University - Professi...

25 questions

ระบบปฏิบัติการ ชุดที่ 1

Quiz

•

University

25 questions

Dealing with Expatriates and Civil Unrest

Quiz

•

University

25 questions

Advanced Game Design Midterm

Quiz

•

University

25 questions

Understanding Loops in Programming

Quiz

•

University

Popular Resources on Wayground

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

14 questions

Boundaries & Healthy Relationships

Lesson

•

6th - 8th Grade

13 questions

SMS Cafeteria Expectations Quiz

Quiz

•

6th - 8th Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

12 questions

SMS Restroom Expectations Quiz

Quiz

•

6th - 8th Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

10 questions

Pi Day Trivia!

Quiz

•

6th - 9th Grade

Discover more resources for Computers

15 questions

Grammar

Quiz

•

KG - 7th Grade

20 questions

CVC Words

Quiz

•

KG - 1st Grade

10 questions

Authors perspective

Quiz

•

KG - 5th Grade

14 questions

The Cold War

Quiz

•

KG - University

21 questions

Inches

Quiz

•

KG - 2nd Grade

10 questions

Long i- igh, ie, and y Quiz

Quiz

•

KG - 3rd Grade

13 questions

Pi Day Fun

Quiz

•

KG

15 questions

Simple Patterns AB, ABB, ABC

Quiz

•

KG - 1st Grade

Chapter 11. Vulnerability and Risk Assessment

Which type of vulnerability assessments software can check for weak passwords on the network?

You are contracted to conduct a forensic analysis of the computer. What should you do first?

Which of the following has schemas written in XML?

Russ is using only documentation to test the security of a system. What type of testing methodology is this known as?

Of the following, which is the best way for a person to find out what security holes exist on the network?

After using Nmap to do a port scan of your server, you find that several ports are open. Which of the following should you do next?

Which of the following is a vulnerability assessment tool?

You are a consultant for an IT company. Your boss asks you to determine the topology of the network. What is the best device to use in this circumstance?

Which of the following can enable you to find all the open ports on an entire network?

What can hackers accomplish using malicious port scanning?

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers