Specialist Questions And Answers 100%
Guaranteed Success.
What type of vulnerability assessment technique involves using exploit tools? - correct
answer. Penetration Testing (Most Invasive)
Which vulnerability assessment provides feedback on performance in comparison to
industry peers? - correct answer. Gap Assessment (High Level - Least invasive)
Which type of assessment may include reviewing document, system walk-thru, traffic
analysis, or ARP tables? - correct answer. Passive Assessment
Vulnerability Assessment - correct answer. Defines,
Identifies,
Classifies the security vulnerabilities
Penetration Testing - correct answer. Exploits vulnerabilities
Which type of assessment uses tools to discover devices and vulnerabilities of the
IACS? - correct answer. Active Assessment
What type of vulnerability assessment identifies the worst-case unmitigated risk that the
SuC presents to the organization? - correct answer. Cyber Risk Assessment
Which gap assessment tool was created by the US DHS? - correct answer. CSET
What type of tool is used to capture and display Ethernet communications? - correct
answer. Packet Capture
A feature that sends a copy of a network from one or more switch ports to a special
monitoring port is called: - correct answer. Port Mirroring
, Which computer programs assess computers, computer systems, networks or
applications for weaknesses against databases of know vulnerabilities? - correct
answer. Network Vulnerability Scanning Tools
Nessuss, Nexpose, and Retina are assessment tools used to discover: - correct
answer. System Vulnerabilities
What is the entity that can manifest a threat? - correct answer. Threat source
What is the term for the likelihood of the threat scenario occurring and leading to the
final consequence taking into account all protection measures and cybersecurity
countermeasures in place? - correct answer. Mitigated Threat Likelihood (MTL)
Delaying or blocking the flow of information in a system is an example of the following
threat vector: - correct answer. Denial of Service
Which threat vector involves the unauthorized redirection of data? - correct answer.
Information Disclosure
What is the likelihood of the threat occurring and leading to the final consequence
without any cybersecurity countermeasures in place? - correct answer. Unmitigated
Threat Likelihood (UTL)
CIA - correct answer. Confidentiality, Integrity, Availability
Which of the following is the term for the undesirable result of an incident? - correct
answer. Consequence
Which term is used to describe the passive collection of data in packet capture
programs? - correct answer. Sniffing the Ethernet
What is a measure of the degree of risk reduction required to achieve tolerable risk? -
correct answer. Cyber Risk Reduction Factor
What is the formula used to calculate risk? - correct answer. Risk = Threat X
Vulnerability X Consequence
What is a CRS? - correct answer. Cybersecurity Requirements Specification
What are the 3 phases of the security life cycle in the 62443 Standard? - correct
answer. 1. Assess
2. Develop and Implement
3. Maintain
Continuous process needed to minimize risks