FiltersDone

Question type

Essay

Multiple Choice

Short Answer

True False

Matching

Exam 13: Vulnerability Assessment and Data Security

Show Answer

Share

---

All types

Filters

Study FlashcardsPractice ExamLearn

Question 1

Essay

Review LaterAdd Note

Review Later

List at least four things that a vulnerability scanner can do.

Correct Answer

verified

A vulnerability scanner can do the follo...

View Answer

Show Answer

Question 2

True/False

Review LaterAdd Note

Review Later

In white box and gray box testing,the first task of the tester is to perform preliminary information gathering on their own from outside the organization,sometimes called open source intelligence (OSINT).

Correct Answer

verified

False

Question 3

Essay

Review LaterAdd Note

Discuss one type of asset that an organization might have.

If a penetration tester has gained access to a network and then tries to move around inside the network to other resources,what procedure is the tester performing?

What term is defined as the state or condition of being free from public attention to the degree that you determine?

Which of the following groups categorize the risks associated with the use of private data? (Choose all that apply. )

Describe a penetration testing report.

Which of the following is the goal of a vulnerability scan? (Choose all that apply. )

An administrator needs to view packets and decode and analyze their contents.What type of application should the administrator use?

What process does a penetration tester rely on to access an ever higher level of resources?

Which security procedure is being demonstrated if an administrator is using Wireshark to watch for specific inbound and outbound traffic?

What is the name of the process that basically takes a snapshot of the current security of an organization?

Which is the term for a computer typically located in an area with limited security and loaded with software and data files that appear to be authentic,yet they are imitations of real data files?

The second step in a vulnerability assessment is to determine the assets that need to be protected.

Which item below is the standard security checklist against which systems are evaluated for a security posture?

Explain the concepts of personal data theft and identity theft.

During a vulnerability assessment,what type of software can be used to search a system for port vulnerabilities?

What process addresses how long data must be kept and how it is to be secured?

What type of reconnaissance is a penetration tester performing if they are using tools that do not raise any alarms?

List and describe the three categories that TCP/IP divides port numbers into.