cyber security 13
What type of scanner sends "probes" to network devices and examine the responses received back to evaluate whether a specific device needs remediation?
Active scanner
Which statement regarding a honeypot is NOT true?
It cannot be part of a honeynet.
Which statement regarding
vulnerability appraisal is NOT true?
Vulnerability appraisal is always the easiest and quickest step.
At what point in a vulnerability assessment would an attack tree be
utilized?
Threat Evaluation
Which of the following data sensitivity labels has the lowest level of data sensitivity?
Public
Which of the following is a
command-line alternative to Nmap?
Netcat
Which of these should NOT be classified as an asset?
Accounts Payable
Which of these is NOT a state of a port that can be returned by a port scanner?
Busy
Which of the following is NOT an issue raised regarding how private data is gathered and used?
By law, all encrypted data must contain a "backdoor" entry point.
Which of the following is NOT a risk associated with the use of private data?
Devices being infected with malware
If a software application aborts and leaves the program open, which control structure is it using?
Fail-open
Which of the following is a
command-line alternative to Nmap?
Netcat
Which of the following constructs scenarios of the types of threats that assets can face to learn who the attackers are, why they attack, and what types of attacks may occur?
Threat mod
Which of the following must be kept secure as mandated by HIPAA?
PHI
Which of the following is NOT a function of a vulnerability scanner?
Alerts users when a new patch cannot be found
If a tester is given the IP addresses, network diagrams, and source code of customer applications, the tester is using which technique?
White Box
Which of the following data sensitivity labels is the highest level of data sensitivity?
Confidential
Which of the following tools is a Linux command-line protocol analyzer?
Tcpdump
A systematic and methodical evaluation of the exposure of assets to attackers, forces of nature, or any other entity that is a potential harm is called what?
Vulnerability Assessment
Which of the following command-line tools tests a connection between two network devices?
Ping (correct)
If a software application aborts and leaves the program open, which control structure is it using?
Fail-open (correct)