I Hate CBT's

11.4 12

Question: A security administrator logs onto a Windows server on her organization’s network. Then she runs a vulnerability scan on that server.

Which type of scan was conducted in this scenario?

Answer: Credentialed scan

Question: In your role as a security analyst, you ran a vulnerability scan, and several vulnerabilities were reported. Upon further inspection, none of the vulnerabilities actually existed.

Which type of result is this?

Answer: False positive

Question: A security administrator needs to run a vulnerability scan that analyzes a system from the perspective of a hacker attacking the organization from the outside.

Which type of scan should he or she use?

Answer: Non-credentialed scan

Question: In your role as a security analyst, you need to stay up to date on the latest threats. You are currently reviewing the latest real-time updates on cyberthreats from across the world.

Which of the following resources are you MOST likely using?

Answer: Threat feeds

Question: You want to be able to identify the services running on a set of servers on your network. Which tool would BEST give you the information you need?

Answer: Vulnerability scanner

Question: You have run a vulnerability scanning tool and identified several patches that need to be applied to a system. What should you do next after applying the patches?

Answer: Run the vulnerability assessment again.

Question: Which SIEM component is responsible for gathering all event logs from configured devices and securely sending them to the SIEM system?

Answer: Collectors

Question: Which of the following Security Orchestration, Automation, and Response (SOAR) system automation components is often used to document the processes and procedures that are to be used by a human during a manual intervention?

Answer: Playbook

Question: You want to make sure that a set of servers only accepts traffic for specific network services. You have verified that the servers are only running the necessary services, but you also want to make sure that the servers do not accept packets sent to those services.

Which tool should you use?

Answer: Port scanner

Question: Which of the following systems is able to respond to low-level security events without human assistance?

Answer: SOAR