TestOut Network Pro 12.2.10 Practice Questions and Answers

TestOut Network Pro 12.2.10 Practice Questions and Answers A network utilizes a network access control (NAC) solution to defend against malware. When a wired or wireless host tries to connect to the network, a NAC agent on the host checks it to make sure it has all of the latest operating system updates installed and that the latest antivirus definitions have been applied. What is this process called? -Answer-Posture assessment When a wired or wireless host tries to connect to a network, a NAC agent on the host checks it to make sure it has all of the latest operating system updates installed and that the latest antivirus definitions have been applied. This is called a posture assessment. The agent then submits the results of the assessment as a Statement of Health (SoH) to the system health validator (SHV). If the host does not meet the client health requirements configured in the NAC system, the host is placed on a quarantine network to be remediated. Port security is configured on a switch to restrict connections to hosts with specific MAC addresses. When analyzing assets, which analysis method assigns financial values to assets? -Answer- Quantitative Quantitative analysis assigns a financial value, or a real number (and the cost required to recover from a loss) to each asset. Qualitative analysis seeks to identify costs that cannot be concretely defined. Transfer and acceptance are responses to risk, not risk analysis methods. What is the main difference between vulnerability scanning and penetration testing? -Answer- Vulnerability scanning is performed within the security perimeter; penetration testing is performed outside of the security perimeter. Penetration testing simulates an actual attack on the network and is conducted from outside the organization's security perimeter. Vulnerability scanning is typically performed internally by users with administrative access to the system.