Certification 2026 Best Training Courses & Study
Resources (Official vs. Third-Party)
You can tag assets directly on the Cumulative Assets page
1. True 2. False
True
When you created the Regions:HQ tag in the lab, what filter was still set, other
than IPv4 Address? 1.
Type is equal to Host
2. Licensed is True
3. Last Seen is equal to within last 30 days
4. Source is equal to Nessus Scan
Type is equal to Host
What is the purpose of cloud connectors in Tenable Vulnerability Management?
1. To increase the cloud storage capacity for Tenable Vulnerability Management.
2. To gather asset data from supported cloud platforms.
3. To directly fix vulnerabilities found in cloud platforms
4. To enhance the user interface of Tenable Vulnerability Management for cloud
services.
To gather asset data from supported cloud platforms.
What filter would you use to identify assets that have not been actively scanned
in an Amazon Web Services (AWS) environment?
1. Source Does not contain AWS vulnerability data
2. (Source is equal to Cloud Discovery Connector AND Cloud Provider is equal to
AWS) AND (Source is not equal to Nessus Agent OR Source is not equal to
Nessus Scan)
3. Source Contains AWS, but Does not contain Google Cloud Platform (GCP)
4. Source Contains Agent data, but Does not contain Nessus data
,(Source is equal to Cloud Discovery Connector AND Cloud Provider is equal to
AWS)
AND (Source is not equal to Nessus Agent OR Source is not equal to Nessus Scan)
Which of the following is NOT a function of the integrations available with
Tenable Vulnerability Management?
1. Third-party application integration
2. Configuration management database (CMDB)
3. Asset discovery
4. Automated vulnerability patching
Automated vulnerability
patching
What is the primary reason host discovery is considered a crucial first step in
vulnerability management programs?
1. It enhances the speed of your internet connection.
2. It helps you remove viruses from your network quickly
3. It reduces the cost of network management.
4. It provides visibility into all the devices present in the network.
It provides visibility into all the devices present in the network.
What is the main advantage of using the default Host Discovery scan template?
1. It quickly gathers identification and intelligence information on assets with
minimal network impact.
2. It automatically repairs any vulnerabilities found.
3. It increases the security of the network by enforcing stricter policies.
4. It eliminates the need for manual intervention in the scanning process. It
quickly gathers identification and intelligence information on assets with
minimal network impact.
Why should discovery scans be run regularly within an organization?
1. To comply with international cybersecurity standards.
2. To maintain an up-to-date view of active hosts within the environment
3. To monitor employee internet usage.
4. To reduce bandwidth consumption on the network.
To maintain an up-to-date view of active hosts within the environment
,What is the recommended best practice when running scans related to
firewalls?
1. Ensure all scans are run exclusively through firewalls for maximum security.
2. Always use Internet Control Message Protocol (ICMP) pings to ensure the
firewall is operational
3. Avoid scanning through a firewall if possible to prevent
misinterpretation as an attack.
4. Disable the firewall during scans to ensure uninterrupted scanning.
Avoid scanning through a firewall if possible to prevent misinterpretation as an
attack
Which scan policy is normally used for a Basic Host Discovery scan?
1. Advanced Network Scan
2. Basic Network Scan
3. Discovery Scan
4. Ping Sweep
Discovery Scan
Look at your lab scan 'Operating System Discovery - HQ'. What is the plugin ID
for OS Identification?
1. 10180
2. 19506
3. 10287
4. 11936
11936
What types of pings can be enabled and/or disabled in a Host Discovery scan?
1. TCP
2. All of these
3. ARP
4. ICMP
All of these
What is the purpose of customizing a Host Discovery scan?
1. To reduce the security of the network.
2. To decrease the amount of information gathered during a scan.
3. To get the best performance and results based on specific network needs and
traffic.
, 4. To reduce the security of the host
To get the best performance and results based on specific network needs and
traffic Look at your lab scan 'Operating System Discovery - HQ'. How many
assets returned OS Identification?
1.None
2. 2
3. 5
4. 7
2
Which method is used for Operating System (OS) identification in a Host
Discovery scan?
1. Guessing the operating system based on network responses.
2. Scanning the host with default credentials.
3. Using a direct authentication method
4. Manually inputting the operating system for each host.
Guessing the operating system based on network responses.
What happens when you select 'All' for port scanning?
1. It only scans the ports that are currently open
2. It limits the scan to only the most used ports.
3. It scans all 65,535 ports, potentially slowing down the scan and stressing the
network
4. It scans a custom list of ports provided by the user.
It scans all 65,535 ports, potentially slowing down the scan and stressing the
network
What setting is enabled by default for port scans, in order to speed up the
process?
1. Only the SYN scanner.
2. Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) port
scans.
3. Internet Control Message Protocol (ICMP) ping responses.
4. Manual selection of each port to be scanned.
Only the SYN scanner
Operating System (OS) identification using a Host Discovery scan is always
completely reliable.