FiltersDone

Question type

Essay

Multiple Choice

Short Answer

True False

Matching

Exam 13: Vulnerability Assessment and Data Security

Show Answer

Share

---

All types

Filters

Study FlashcardsPractice ExamLearn

Question 1

Multiple Choice

Review LaterAdd Note

Review Later

An administrator needs to view packets and decode and analyze their contents.What type of application should the administrator use?

A) application analyzer
B) protocol analyzer
C) threat profiler
D) system analyzer

E) C) and D)
F) A) and B)

Correct Answer

verified

Show Answer

Question 2

Multiple Choice

Review LaterAdd Note

Review Later

Which security procedure is being demonstrated if an administrator is using Wireshark to watch for specific inbound and outbound traffic?

A) application search
B) application control
C) firewall monitoring
D) virus control

E) B) and D)
F) A) and D)

Correct Answer

verified

Show Answer

Question 3

True/False

Review LaterAdd Note

The second step in a vulnerability assessment is to determine the assets that need to be protected.

What is the name of the process that basically takes a snapshot of the current security of an organization?

Which of the following groups categorize the risks associated with the use of private data? (Choose all that apply. )

List at least four things that a vulnerability scanner can do.

Which of the following is the goal of a vulnerability scan? (Choose all that apply. )

Which is the term for a computer typically located in an area with limited security and loaded with software and data files that appear to be authentic,yet they are imitations of real data files?

If a penetration tester has gained access to a network and then tries to move around inside the network to other resources,what procedure is the tester performing?

Which item below is the standard security checklist against which systems are evaluated for a security posture?

What process addresses how long data must be kept and how it is to be secured?

What process does a penetration tester rely on to access an ever higher level of resources?

Describe a penetration testing report.

List and describe the three categories that TCP/IP divides port numbers into.

Explain the concepts of personal data theft and identity theft.

In white box and gray box testing,the first task of the tester is to perform preliminary information gathering on their own from outside the organization,sometimes called open source intelligence (OSINT).

Discuss one type of asset that an organization might have.

What term is defined as the state or condition of being free from public attention to the degree that you determine?

What type of reconnaissance is a penetration tester performing if they are using tools that do not raise any alarms?

During a vulnerability assessment,what type of software can be used to search a system for port vulnerabilities?