Cybersecurity Quiz: Vulnerability Scanning and Network Security, Exams of Computer Security

A series of multiple-choice questions focused on cybersecurity concepts, specifically vulnerability scanning using tools like Nessus and understanding various network security threats and mitigation strategies. It covers topics such as CVSS scoring, vulnerability prioritization, attack vectors, and common network security issues like DNS poisoning and malware. The quiz is suitable for students learning about network security and ethical hacking.

Typology: Exams

2024/2025

Available from 05/05/2025

DrShirley
Advanced Ethical Hacking 2 - Final

Carl is a new cybersecurity analyst. His manager has just asked him to implement a vulnerability scanner that uses CVSS. Which of the following best describes why he would want to use it? - ✅The Common Vulnerability Scoring System will allow the organization to prioritize which vulnerabilities it should mitigate first or implement compensating controls for.
Simone, a cybersecurity researcher, has just finished the analysis and documentation of a new vulnerability she discovered in a widely used product. In addition to contacting the manufacturer of the software, she also believes it is necessary to make a plug-in available so common vulnerability scanners can pick up the vulnerability in their scans. Which of the following would be helpful for her to know in order to meet this goal? - ✅NASL
Faranoush is examining the CVSS Base Score Exploitability Metrics to better understand the information she sees in her report. Which of the following reflects the ability of a vulnerability in one software component to impact other resources? - ✅Scope
Cosmo is reviewing a recent Nessus scan report and sees a number of items that have recently had compensating controls implemented for them. Which of the following terms might describe these items in the report? - ✅False Positive
Phillida, a cybersecurity analyst, is comparing vulnerability scanning products for potential use in her organization. She reads that Nessus uses a combination of machine learning and threat intelligence to produce which of the following? - ✅VPR
Ramon, a cybersecurity analyst, is aware of the regulatory requirements that his organization must meet. He needs to make sure that best practices are meeting the goals of these regulatory requirements. Which of the following might he decide to employ as part of a vulnerability scan? - ✅Scanning template
Kallie, a cybersecurity analyst, has just returned from a cybersecurity conference where she learned about the Nessus vulnerability scanner. She wants to try it at her company, but her software budget has already been spent for the fiscal year. Which of the following versions should she consider installing? - ✅Nessus Essentials
Alaa wants to update her Nessus installation to ensure that she is scanning for all recently discovered vulnerabilities. Which of the following does she need to download? - ✅Plug-ins
Darien last ran a vulnerability scan a year ago. Which of the following could he expect to have changed if he ran the scan again today? - ✅CVSS temporal score
Nephele is looking at the vulnerabilities found in her organization. She wants to figure out which ones must be present or addressed from the local network compared to the ones that must be addressed either from an adjacent network or other network. Which of the following metrics covers this information? - ✅Attack vector
Morwenna wants to install Nessus for a trial run on her company's infrastructure. Which of the following is the default method of installation? - ✅HTTPS
Dimitri wants to install Nessus on the systems within his network, but is concerned that Nessus may not be compatible with certain types of devices in his company. Which of the following is Nessus not compatible with? - ✅None of the above. It is compatible with all of these options.
Valeria, a cybersecurity manager, wants to start using a vulnerability scanner at the large global organization where she works. Which of the following might be the best fit for this organization? - ✅Nessus Manager
Gabriel is trying to understand the metrics behind the scores that Nessus uses. He asks you which of the metrics is based on the attacker having to gather more information about the target before the vulnerability can be exploited. Which of the following identifies the metric he described? - ✅Attack complexity
Franco, a cybersecurity analyst, has just received a report that a piece of malware has been detected on a user's system. The user downloaded a solitaire game that had pictures of cats on the back of the cards, and he just couldn't resist. After

Kallista needs to install the latest updates to Nessus so that it can identify the most recent threats. What will she need to download? - ✅Plug-ins
Which CVSS score reflects the current characteristics of a vulnerability that may have changed over time? - ✅CVSS temporal score
Phoebe is examining the CVSS scores from a recent scan. Which metric is used to determine the type of network access necessary to exploit a vulnerability? - ✅Attack Vector (AV)
Thalia has been asked by her team leader to closely examine the results of a vulnerability scan. One vulnerability indicates that it could result in a neighbor discovery (IPv6) flood that leads to a DoS on the local LAN segment. Which attack vector base score exploit metric in CVSS would cover this? - ✅Adjacent (AV:A)
A vulnerability scan indicates that a patch is missing from a Windows server. However, upon further examination you determine this is not true. What have you discovered? - ✅False positive
Yairo has been asked to examine only internal data points when analyzing a recent vulnerability scan. Which of the following would he not use? - ✅Best practices
Which of the following is also called a network virus and is designed to enter a computer through the network before searching for another vulnerable system? - ✅Worm
Basil has been asked to examine an employee's Apple iOS smartphone that is owned by the organization. He discovers that the employee has circumvented the built-in limitations. What is this called? - ✅Jailbreaking
Which of the following is not an attack that is specifically designed for a web server? - ✅ARP poisoning
What vulnerability is specific to a bridge? - ✅A secure wired LAN network with an unsecured wireless network, which could create an unprotected link between the two
Corban is examining a vulnerability scan report. It indicates that a MAC flooding attack could occur due to a misconfigured hardware appliance. Which hardware device should Corban now correctly configure? - ✅Switch
What is the risk associated with not creating multiple VPN profiles? - ✅A VPN connection could allow open access to network resources.
What is another name for a virtual network? - ✅Software-defined network (SDN)
Tomaso is explaining to Nikita how a virtual network functions. Which of the following is not a correct description of a control plane? - ✅It can be interchanged with a data plane when necessary.
What is used to control multiple ICSs? - ✅SCADA
Why does an installation of Nessus produce a security warning? - ✅Nessus uses a self-signed SSL certificate.
When configuring a Nessus basic network scan, what information must be provided in the settings? - ✅The targets to be scanned.
Nicholas observes that the CVSS temporal score is different from the CVSS base score. What most likely caused the change? - ✅An operating system patch that addressed the original vulnerability
Which of the following is not a category for determining a CVSS score? - ✅Risk score metrics
An online retailer has just discovered a data breach of the system used to store all of the data for shipments of products, including tracking numbers, date shipped, customer names, and addresses. Which of the following has the company failed to protect? - ✅PII

Dion is developing an application that will allow users to create their own passwords. He then needs to store that information in a database to be used when the user attempts to log in again. Which of the following provides the strongest option for Dion to accomplish this task? - ✅SHA-
Boris, a cybersecurity analyst, has just received a client's hard drive that needs a forensic analysis. He needs to ensure that the data on the drive maintains its integrity and that no unallocated blocks are changed so he can attempt to undelete files on the drive. Which of the following tools would be most useful as part of his analysis? - ✅Write blocker
Takara is building a digital forensics workstation. She needs the ability to connect to PATA and SATA devices for forensic analysis. Which of the following tools might best fit her needs? - ✅Universal hard drive adapter kit
Dahlia has just been hired as a new cybersecurity manager at an organization. Up until now, the organization has not had any formal procedures in place to handle events such as malware or data breaches. Dahlia would like to ensure that everyone follows the same procedures when responding to these events. Which of the following should she create? - ✅IRP
Rico is developing a list of personnel who may be asked to serve on a cyber incident response team. Who will be responsible for helping the team focus on minimizing damage and recovering quickly from a cyber incident? - ✅Team leader
Why does corporate accounting data have a high value? - ✅The loss of accounting data prevents an organization from providing stakeholders an accurate picture of its financial health.
Which of the following scopes of impact describes the amount of time needed for IT systems to return to their normal functions? - ✅Recovery time
Javier is creating a forensics kit. Which of the following documents would he not include? - ✅Corporate hierarchy chart

Alvaro has been asked to acquire tape to secure evidence bags for forensics investigations. The tape cannot be removed and reapplied without leaving visual evidence. What type of tape should he use? - ✅Tamper-evident
Pablo is performing a forensics investigation and needs to identify the edit history of a file. What type of data does Pablo need to examine? - ✅Metadata
Adamo has been asked to create a cyber incident response plan. What will be the final phase of the plan? - ✅Follow-up
Which of the following is not an example of intellectual property? - ✅Credit card number
Which of the following is the violation of an explicit or implied security policy? - ✅Cyber incident
Viola is examining data that was compromised during a recent attack. Into which category would a password number be classified? - ✅PII
Adele is researching zero day attacks. To which category of threats would these attacks apply? - ✅Unknown knowns
Bianca suspects that a recent attack was the work of nation-state actors who were well-resourced and highly trained. What type of attack was this? - ✅APT
What is the first step in determining the severity of an incident? - ✅Deciding if the occurrence was a cybersecurity incident.
Kristin is reviewing the impact of a recent attack and finds that it only caused a seldom-used test server to be taken offline for a short period of time. She has decided that this incident does not deserve a high-priority ranking. What scope of impact has she used in making this determination? - ✅System process criticality
Which of the following is not a reason why computer forensics is important? - ✅Federal laws that mandate all attacks to be examined using forensics

A Silicon Valley startup has begun attracting users in Canada. Which of the following regulations should its legal department study to ensure that the company is abiding by any applicable laws? - ✅PIPEDA
A company with operations in Europe has just experienced a breach of its customer data. Which of the following does the company need to notify under European Union regulations? - ✅ICO
Which of the following is not one of the purposes of establishing a communication process and plan? - ✅Be completely transparent with the public
Annya, a cybersecurity analyst, has just pulled a failed hard drive out of a system. She cannot seem to get any applications to overwrite the blocks on the drive with random data. Which of the following methods should she use to ensure the data on the drive is safe from being recovered by unauthorized parties? - ✅Secure disposal
Victoria, a cybersecurity analyst, has just disconnected a computer from the network after finding that it was infected with malware. Which of the following is the next task that she should attempt to perform with the system? - ✅Eradication
Alika has just finished eradicating a piece of malware from a computer system. Which of the following might she do next as part of the validation process? - ✅Patching
Elon has created a project to review the vulnerabilities in his organization. As the project wraps up, which of the following should be created? - ✅Lesson learned report
Patrik, a cybersecurity analyst, has just discovered a computer system infected with malware that appears to communicate with a command and control server. He doesn't believe there will be any negative consequences to shutting down communications between the computer and the command and control server, so he decides to redirect the communications to a sinkhole. Which of the following containment methods did Patrik choose to employ? - ✅Isolation

Amir has just received a user's computer that was found to have a malware infection. He has sanitized the hard drive but doesn't have a snapshot from which he can restore. Which of the following techniques might he choose to make the system functional again? - ✅reconstruction
Moira has discovered a compromised computer on her organization's network that is communicating with a command and control server. She believes that cutting off the connection to the command and control server may completely destroy the system. Which of the following containment techniques might she choose to use? (Choose two.) - ✅Segmentation
Which of the following is not a reason for communications in a cyber incident? - ✅Allow for an unplanned release of information.
Isabella has been asked to research HIPAA requirements for her employer. Which of the following statements about HIPAA is false? - ✅HIPAA includes any third-party business associate that handles protected healthcare information.
Morgan has been asked to make recommendations about her employer's use of social media in the event of a cyber incident. Which of the following would she not recommend? - ✅Use a strictly casual tone in communication.
Which containment technique simply removes the affected system from the network by disconnecting it? - ✅Removal
Pat is researching requirements for communicating with affected parties in a cyber incident. What requirement would Pat find that is used in the European Union (EU)? - ✅GDPR
What is the best way for an organization to limit adverse reactions? - ✅By controlling the conversation
Which of the following is false about state legislative mandates for communication in a cyber incident? - ✅Only California has a state security breach notification law.

✅Delete the files from the hard drive by using the Quick format option.
Which of the following is not a validation step? - ✅Reimaging
Ines is reviewing the network traffic logs and sees what appears to be beaconing. Which of the following best describes the traffic she has noticed? - ✅The traffic is most likely being sent to a command and control server.
Hwan, a network administrator, has just overheard a cybersecurity analyst at his company talking about a DDoS attack. He wants to ensure that he notifies the appropriate parties if this type of attack does take place. Which of the following symptoms might indicate a potential DDoS attack? - ✅A large constant spike in bandwidth consumption
Albrecht has noticed a number of clients on the network attempting to contact the same external IP address at a constant rate of once every five minutes over the past 72 hours. Which of the following might be the cause of his concern? - ✅The computers may be infected with malware that has made them part of a botnet.
Bartolo sees a notification from a security device on the perimeter of the network that ICMP echo requests have been received for the entire range of IP addresses on the external subnet. Which of the following has been detected? - ✅Ping sweep
Belva is performing an audit of the e-mail server when she discovers that one of the accounts is sending a lot of e-mails all day that contain attachments. After a bit more research, she finds that the attachments contain extensive proprietary and confidential information. Which of the following should she consider implementing to prevent a reoccurrence? - ✅DLP
Ulf has found malware on a couple of computers that has been making remote connections to named pipes. Which of the following is being exploited by this malware? - ✅SMB
Uziah has received an alert from a network monitoring system that it has detected a client on the network sending an HTTPS packet once per minute for the past six hours to an external IP address. Which of the following has the system most likely detected? - ✅Beaconing
Jared has created a field in the database that acts as the back end for an application he has written. The field has been configured to store an 8-bit unsigned number. The field where the user enters information has only been configured to accept numbers, but Jared apparently forgot to add logic to ensure that the user could not enter numbers greater than 255. Which of the following could occur as a result of this oversight? - ✅Integer overflow
Jaden has received an alert from a system that has identified potential malware on itself. Upon looking through the log files, he sees a list of error messages where an executable tried to write data to a range of memory addresses that did not exist for the system. Which of the following has most likely occurred? - ✅Buffer overflow
Ananada is sitting on a train and overhears someone on his phone bragging that he has a massive network of computers at his fingertips that have been compromised with some form of malware. He tells the person on the other end of the call that they can have all these computers attack a target in unison. Which of the following terms might describe the person whose conversation she overheard? - ✅Bot herder
Calliope is a forensics detective with a law enforcement agency. She discovers that an attacker who has just been caught was using a dead-drop method of controlling the bots in a botnet. Which of the following might have been a clue that the attacker was using this method? - ✅Finding an e-mail account with multiple saved drafts that were never sent but contained instructions the bots were to follow
Phaedra, a cybersecurity analyst, has discovered a number of computers within her company's network that are regularly sending packets to an external IP address for no legitimate reason. Which of the following is the most likely cause of this scenario? - ✅Botnet
Barry has just installed Wireshark on a computer in his organization to analyze network traffic. Which of the following will he also most likely need in order to make this configuration work? - ✅Port mirroring

Which of the following is not a type of attack that can be generated through a botnet? - ✅Buffer overflows
Etsu is reviewing log files and discovers that data has been stolen and sent out from the network. In her report, what does she call this activity? - ✅Exfiltration
Kyo is compiling a list of network symptoms of a cyber incident. Which would she not include on her list? - ✅Processor consumption
Moe is researching P2P C&C configurations. Which of the following is not true about a P2P C&C? - ✅It can mask irregular peer-to-peer communications through beaconing, but not data exfiltration.
If an attacker wants to learn which services are running on a server, which of the following would he use? - ✅Port scan
Which of the following devices can be installed on a network to monitor traffic? - ✅Network tap
Which of the following is not a type of wireless probe that monitors the airwaves for traffic? - ✅Independent probe (GUESS)
Nori is concerned that Bob, who has a lower level of privileges, has inherited Mackenzie's higher level of privileges. Which of the following terms describes this situation? - ✅Vertical privilege escalation
Which of the following is not one of the three types of DLP sensors? - ✅Public sensors
Which of the following is not an application symptom? - ✅Hard drive consumption
Which of the following statements about new account creation is false? - ✅New account creation can only be used for a threat actor to log in to an application.

Craig has been asked to implement the ISO standards for cybersecurity in his organization. Which of the following families of standards should he become familiar with? - ✅
Hattie has just been promoted to the cybersecurity team within her organization. Her new manager recommends reading up on cybersecurity guidelines that have been published by the U.S. government. Which of the following should she become familiar with? - ✅NIST
Penelope has just been hired as a cybersecurity manager for an organization. She has done an initial analysis of the organization's policies and sees there is no document outlining the duties and responsibilities of data custodians. Which of the following policies might she consider creating? - ✅Data ownership policy
Abdul has just discovered a successful brute force attack against one of the systems in his company's network that lasted for almost five months undetected. Which of the following might have prevented this attack from being successful? - ✅Password policy
Araya has been tasked with implementing a new set of procedures for the onboarding and offboarding of employees. Which of the following types of controls does this new task fall into? - ✅Administrative controls
Dharma has just been hired to create the new cybersecurity team in a growing organization. Which of the following might be one of the first things she does? - ✅Perform an audit
Tabitha has just contracted with a large company to perform a penetration test against it. Which of the following might help her with part of the reconnaissance process? - ✅Impersonation
Gabe, a penetration tester, has gained physical access to a company's facilities and planted devices behind several printers that will send him copies of all documents sent to those printers. Which of the following has Gabe executed? - ✅MITM attack

✅Nessus
Maya has just been hired as the first cybersecurity engineer at a growing company in an effort to focus more resources on hardening the company's infrastructure. Which of the following might she use to identify applications that users log into with unencrypted passwords? - ✅Wireshark
Janos works for a large regional hospital system. The system has data retention policies that have necessitated the backup of certain types of information. As such, he decides that in addition to the standard daily and weekly backups, he would like to create a byte-by-byte copy of data on a particular server's drive to be stored off-site. Which of the following tools might help him perform this action? - ✅dd
Which of the following is a purpose of a rootkit? - ✅To hide its presence
Isabella needs to document a framework that identifies increasing levels of security development, with each level more difficult to achieve but more secure than the preceding lower level. Which of the following would she document? - ✅Maturity model
Mason has been asked to create a list of vulnerabilities in the organization's directory service. Which vulnerability would not be included on the list? - ✅Having a minimal number of domain administrators
Which of the following does not describe an MITM attack? - ✅A threat actor captures packets and loads them into Wireshark to look for cleartext passwords.
Liam is investigating a recent attack in which a threat actor stole session cookies and used them to impersonate the user. What kind of attack is Liam investigating? - ✅Session hijacking
Emma has discovered that one of her company's web applications is accepting user input without validating it before presenting it back to the user. What type of attack could use this vulnerability? - ✅XSS

Noah has been asked to perform an environmental reconnaissance. He decides to call the help desk and pretend to be a mid-level manager who needs to have his password reset. What type of attack is Noah performing? - ✅Impersonation
A recent report showed that Olivia's organization has not been following all necessary regulations. She has been asked to respond to this report, and she has listed several difficulties in following regulations. Which of the following would not be on her list? - ✅A new federal law mandates that organizations must have employees whose sole responsibility is to monitor regulations, but the organization cannot afford this.
Which of the following is a series of documented processes used to define policies and procedures for implementation and management of security controls in an enterprise environment? - ✅Framework
Which framework is divided into a framework core, implementation tiers, and profiles? - ✅National Institute of Standards and Technology (NIST) Cybersecurity Framework
Which framework is used for software development? - ✅The Open Group Architecture Framework (TOGAF)
Which policy is intended for personnel who are responsible for the management of user accounts? - ✅Account management policy
William has been asked to create a draft data retention policy. Which of the following would not be part of that policy? - ✅The duties of the data custodian
Ava is reviewing her organization's data classification policy. Which of the following would not be part of that policy? - ✅The responsibilities of the data owner
Which of the following controls would include fencing and security guards? - ✅Physical controls
Which of the following is the least effective cybersecurity verification? - ✅Evaluation