2.5.2 Network Security Testing Quiz Answers
2.5.2 Network Security Testing Quiz. Cyber Threat Management Module 2 Quiz Answers
1. What is the purpose of the Tripwire network testing tool?
- to perform vulnerability scanning
- to provide password auditing and recovery
- to detect unauthorized wired network access
- to provide information about vulnerabilities and aid in penetration testing and IDS signature development
- to assess configuration against established policies, recommended best practices, and compliance standards
2. An administrator is troubleshooting NetBIOS name resolution on a Windows PC. What command line utility can be used to do this?
3. The laptop of an attacker is attached to a corporate network. The attacker is examining all of the network traffic that is passing through the network interface card. Which network reconnaissance method does this scenario describe?
- penetration exercise
- red team blue team
- bug bounty
4. Which cybersecurity weapon scans for use of default passwords, missing patches, open ports, misconfigurations, and active IP addresses?
- packet sniffers
- password crackers
- vulnerability scanners
- packet analyzers
5. An organization has hired a former hacker to test how well the organization would tolerate a real attack by using malicious techniques. What type of testing is the hacker performing for the organization?
6. Which penetration test phase is concerned with conducting reconnaissance to gain information about the target network or device?
7. A new technician was overheard telling colleagues that a secure network password had been discovered through a search of social media sites. What technique was used to acquire the password?
- passive reconnaissance
- active reconnaissance
- buffer overflow
- brute force
8. What network security testing tool has the ability to provide details on the source of suspicious network activity?
9. What network scanning tool has advanced features that allows it to use decoy hosts to mask the source of the scan?
10. A new person has joined the security operations team for a manufacturing plant. What is a common scope of responsibility for this person?
- day-to-day maintenance of network security
- data security on host devices
- physical and logical security of all business personnel
- managing redundancy operations for all systems
11. Which approach provides automated tools allowing an organization to collect data about security threats from various sources?
12. How does network scanning help assess operations security?
- It can simulate attacks from malicious sources.
- It can log abnormal activity.
- It can detect weak or blank passwords.
- It can detect open TCP ports on network systems.
13. What network testing tool is used for password auditing and recovery?
14. What describes a feature of credentialed scans?
- They are less invasive than non-credentialed scans.
- They try to exploit vulnerabilities and may even crash the target.
- They return fewer false positives and fewer false negatives.
- They do not require usernames and passwords to provide authorized access to a system.