ISOL 533 - Which of the following statements is true regarding the use of service patches

Question 1

1. Which of the following statements is true regarding the use of service patches?
2. Service patches are an ineffective means of fixing a server’s vulnerability.
3. Applying a patch to a server guarantees that a risk has been mitigated.
4. The system administrator has no way of verifying that the patch has raised the version number.
5. The system administrator can directly test a patch’s effectiveness to assure that the vulnerability is closed.
6. 
   

10 points

Question 2

1. In the Lab 5 Nmap Scan Report, what was the total number of loaded scripts for scanning?
2. 4
3. 36
4. 72
5. 100
6. 
   

10 points

Question 3

1. In the Lab 5 Nmap Scan Report, what is the source IP address of the Cisco Adaptive Security Appliance device?
2. 172.16.20.1
3. 172.17.20.1
4. 172.20.20.1
5. 172.30.0.1
6. 
   

10 points

Question 4

1. The Nmap operator can infer what services are running by knowing:
2. potential attackers motives.
3. what specific ports are listening.
4. what vulnerabilities are being targeted.
5. the patches that are currently available.
6. 
   

10 points

Question 5

1. Which of the following has one purpose: to send crafted packets to a targeted Internet Protocol (IP) address to determine what ports are listening for connections?
2. Nessus
3. CVE
4. Nmap
5. Cisco ASA
6. 
   

10 points

Question 6

1. Which of the following would a person with malicious intent use to research what vulnerabilities to exploit?
2. Nessus
3. CVE
4. Nmap
5. Cisco ASA
6. 
   

10 points

Question 7

1. In the Lab 5 Nessus Vulnerability Scan Report, how many IP hosts were identified in the Scan Report?
2. 1
3. 5
4. 7
5. 13
6. 
   

10 points

Question 8

1. In the Lab 5 Nessus Vulnerability Scan Report, how many of the vulnerabilities found on the 172.16.20.1 host were ranked “critical”?
2. 0
3. 1
4. 2
5. 4
6. 
   

10 points

Question 9

1. In the Lab 5 Nessus Vulnerability Scan Report, how many of the vulnerabilities found on the 172.16.20.1 host were ranked “high”?
2. 0
3. 1
4. 6
5. 9
6. 
   

10 points

Question 10

1. In the Lab 5 Nessus Vulnerability Scan Report, how many open ports were found on the 172.30.0.10 host?
2. 2
3. 5
4. 22
5. 37
6. 
   

10 points

Question 11

1. In the Lab 5 Nessus Vulnerability Scan Report for the 172.30.0.10 host, the first vulnerability found was: MS08-067 Microsoft Windows Server Service Crafted RPC Request Handling Remote Code Execution (958644) (uncredentialed check). What solution was provided for this vulnerability?
2. Disable this service if you do not use it.
3. Filter out the ICMP timestamp requests (13), and the outgoing ICMP timestamp replies (14).
4. Access this device and set a password using ‘enable secret’.
5. Microsoft has released a set of patches for Windows 2000, XP, 2003, Vista and 2008.
6. 
   

10 points

Question 12

1. Which of the following would produce more benefit from Nessus plug-ins?
2. Update the plug-ins on install.
3. Use only the default setting for updating the plug-ins.
4. Do not make any updates to the plug-ins.
5. Disable all plug-ins.
6. 
   

10 points

Question 13

1. Which of the following statements is true regarding Nessus?
2. It is difficult to install and run.
3. It is cost-prohibitive for home use.
4. Very few plug-ins are available for it.
5. Reporting can be detailed and customized.
6. 
   

10 points

Question 14

1. As a vulnerability scanner, __________ scans the networked devices for potential weaknesses and exploitable services.
2. Nessus
3. CVE
4. Nmap
5. Cisco ASA
6. 
   

10 points

Question 15

1. Which of the following can be used as a compliance tool by loading a configuration file and then scanning the network to verify compliance against your end devices?
2. Nessus
3. CVE
4. Nmap
5. Cisco ASA
6. 
   

10 points

Question 16

1. Which of the following is a free, publicly available list or dictionary of standard identifiers for common computer vulnerabilities and exposures?
2. Nessus
3. CVE
4. Nmap
5. Cisco ASA
6. 
   

10 points

Question 17

1. What does the acronym CVE stand for?
2. Common Vulnerabilities and Exposures
3. Certified Vulnerability Enterprise
4. Central Vulnerability Exposures
5. Center for Vulnerabilities and Exposures
6. 
   

10 points

Question 18

1. According to CVE, which of the following is a mistake in software that can be directly used by a hacker to gain access to system or network?
2. Threat
3. Vulnerability
4. Exposure
5. Risk
6. 
   

10 points

Question 19

1. According to CVE, which of the following is a system configuration issue or a mistake in software that allows access to information or capabilities that can be used by a hacker as a stepping-stone into a system or network?
2. Threat
3. Vulnerability
4. Exposure
5. Risk
6. 
   

10 points

Question 20

1. The letters “ASA” in the Cisco ASA 5505 Security products stand for:
2. Augmented Server Apparatus.
3. Assessment Scanner Administration.
4. Adaptive Security Appliance.
5. Authorized Service Application.