TestOut Network Pro 12.2.10 Practice Questions and Answers

TestOut Network Pro 12.2.10 Practice Questions and Answers A network utilizes a network access control (NAC) solution to defend against malware. When a wired or wireless host tries to connect to the network, a NAC agent on the host checks it to make sure it has all of the latest operating system updates installed and that the latest antivirus definitions have been applied. What is this process called? -Answer-Posture assessment When a wired or wireless host tries to connect to a network, a NAC agent on the host checks it to make sure it has all of the latest operating system updates installed and that the latest antivirus definitions have been applied. This is called a posture assessment. The agent then submits the results of the assessment as a Statement of Health (SoH) to the system health validator (SHV). If the host does not meet the client health requirements configured in the NAC system, the host is placed on a quarantine network to be remediated. Port security is configured on a switch to restrict connections to hosts with specific MAC addresses. When analyzing assets, which analysis method assigns financial values to assets? -Answer- Quantitative Quantitative analysis assigns a financial value, or a real number (and the cost required to recover from a loss) to each asset. Qualitative analysis seeks to identify costs that cannot be concretely defined. Transfer and acceptance are responses to risk, not risk analysis methods. What is the main difference between vulnerability scanning and penetration testing? -Answer- Vulnerability scanning is performed within the security perimeter; penetration testing is performed outside of the security perimeter. Penetration testing simulates an actual attack on the network and is conducted from outside the organization's security perimeter. Vulnerability scanning is typically performed internally by users with administrative access to the system. The goal of both vulnerability scanning and penetration testing is to identify the effectiveness of security measures and identify weaknesses that can be fixed. While some penetration testing is performed with no knowledge of the network, penetration testing could be performed by testers with detailed information about the systems. Both vulnerability scanning and penetration testing can use similar tools, although you should avoid illegal tools in both activities. A security administrator is conducting a penetration test on a network. She connects a notebook system running Linux to the wireless network and then uses Nmap to probe various network hosts to see which operating system they are running. Which process did the administrator use for the penetration test in this scenario? -Answer-Active fingerprinting The administrator in this scenario used active fingerprinting. Active fingerprinting is a form of system enumeration that is designed to gain as much information about a specific computer as possible. It identifies operating systems based upon ICMP message quoting characteristics. Portions of an original ICMP request are repeated (or quoted) within the response, and each operating system quotes this information back in a slightly different manner. Active fingerprinting can determine the operating system and eve