TESTOUT Security Pro Q &A VERIFIED
TESTOUT Security Pro Q &A VERIFIED Which of the following functions can a port scanner provide? -Determining which ports are open on a firewall -Discovering unadvertised servers Which of the following is the type of port scan that does not complete the full three-way TCP handshake, but rather listens only for either SYN/ACK or RST/ACK packets? You want to make sure that a set of servers will only accept traffic for specific network services. You have verified that the servers are only running the necessary services, but you also want to make sure that the servers will not accept packets sent to those services. Which tool should you use? Port scanner You want to be able to identify the services running on a set of servers on your network. Which tool would best give you the information you need? Vulnerability scanner You want to identify all devices on a network along with a list of open ports on those devices. You want the results displayed in a graphical diagram. Which tool should you use? Network mapper You want to use a tool to scan a system for vulnerabilities, including open ports, running services, and missing patches. Which tools should you use? (Select two.) -Nessus -Retina You want to check a server for user accounts that have weak passwords. Which tool should you use? John the Ripper Which of the following are performed by the Microsoft Baseline Security Analyzer (MBSA) tool? (Select three.) Check user accounts for weak passwords Check for open ports Check for missing patches Which of the following identifies standards and XML formats for reporting and analyzing system vulnerabilities? OVAL You are using a vulnerability scanner that conforms to the OVAL specifications. Which of the following items contains a specific vulnerability or security issue that could be present on a system? Definition You have run a vulnerability scanning tool and identified several patches that need to be applied to a system. What should you do next after applying the patches? Run the vulnerability assessment again You want to use a vulnerability scanner to check a system for known security risks. What should you do first? Update the scanner definition files A security administrator logs on to a Windows server on her organization's network. She then runs a vulnerability scan on that server. What type of scan was conducted in this scenario? Credentialed scan A security administrator needs to run a vulnerability scan that will analyze a system from the perspective of a hacker attacking the organization from the outside. What type of scan should he use? Non-credentialed scan You want to identify traffic that is generated and sent through the network by a specific application running on a device. Which tool should you use? Protocol analyzer You want to know which protocols are being used on your network. You'd like to monitor network traffic and sort traffic by protocol. Which tool should you use? Packet sniffer You want to use a tool to see packets on a network, including the source and destination of each packet. Which tool should you use? Wireshark You have a small network of devices connected using a switch. You want to capture the traffic that is sent from Host A to Host B. On Host C, you install a packet sniffer that captures network traffic. After running the packet sniffer, you cannot find any captured packets between Host A and Host B. What should you do? Configure port mirroring
Written for
- Institution
- TESTOUT Security Pro Q &A VERIFIED
- Course
- TESTOUT Security Pro Q &A VERIFIED
Document information
- Uploaded on
- February 5, 2024
- Number of pages
- 15
- Written in
- 2023/2024
- Type
- Exam (elaborations)
- Contains
- Questions & answers
Subjects
-
testout security pro q a v
-
testout security pro q a verified
