7.2.5 Practice Questions Flashcards

1
Q

Which of the following phases of the vulnerability management lifecycle implements patches, hardening, and correction of weaknesses?

answer

The remediation phase

The risk assessment phase

The verification phase

The monitoring phase

A

The remediation phase

Explanation
The remediation phase is for implementing the needed patching, hardening, and correction of weaknesses.

The risk assessment phase is for evaluating the found vulnerabilities for threat level.

The verification phase is for retesting the system to verify that your patching and hardening were effective.

The monitoring phase is when continuous monitoring of the system takes place.

2
Q

Rose, an ethical hacker, has created a report that clearly identifies her findings and recommendations for locking down an organization’s systems and patching problems. Which of the following phases of the vulnerability management life cycle is she working in?

answer

Verification

Remediation

Create a baseline

Risk assessment

A

Risk assessment

Explanation
Risk assessment is the phase of evaluating the found vulnerabilities for threat level. You will need to create reports that clearly identify the problem areas to present to management, and then produce a plan of action to control the weaknesses, protect the information, and harden the systems.

Verification is the phase of retesting the system to verify that your patching and hardening were effective.

Remediation is the phase of implementing the necessary patching, hardening, and correction of weaknesses.

Create a baseline is the phase of defining the effectiveness of the current security policies and procedures.

3
Q

Which of the following best describes the verification phase of the vulnerability management life cycle?

answer

Is critical to ensure that organizations have monitoring tools in place and have regularly scheduled vulnerability maintenance testing.

Proves your work to management and generates verifiable evidence to show that your patching and hardening implementations have been effective.

Protect the organization from its most vulnerable areas first and then focus on less likely and less impactful areas.

Communicate clearly to management what your findings and recommendations are for locking down the systems and patching problems.

A

Proves your work to management and generates verifiable evidence to show that your patching and hardening implementations have been effective.

4
Q

You are an ethical hacker contracting with a medical clinic to evaluate their environment. Which of the following is the first thing you should do?

answer

Decide the best times to test to limit the risk of having shutdowns during peak business hours.

Define the effectiveness of the current security policies and procedures.

Create reports that clearly identify the problem areas to present to management.

Choose the best security assessment tools for the systems you choose to test.

A

Define the effectiveness of the current security policies and procedures.

5
Q

It may be tempting for an organization to feel secure after going through the process of penetration testing and the corrections and hardening that you must perform. Which of the following should you help them to understand?

answer

Hackers have time on their side, and there will always be new threats to security.

The risks associated with enforcing security procedures and what threats may have been overlooked.

They need a plan of action to control weaknesses and harden systems.

How to define the effectiveness of the current security policies and procedures.

A

Hackers have time on their side, and there will always be new threats to security.

6
Q

Which of the following solutions creates the risk that a hacker might gain access to the system?

answer

Inference-based

Product-based

Tree-based

Service-based

A

Service-based

7
Q

Which of the following assessment types relies on each step to determine the next step, and then only tests relevant areas of concern?

answer

Tree-based

Service-based

Inference-based

Product-based

A

Inference-based

8
Q

First, you must locate the live nodes in the network. Second, you must itemize each open port and service in the network. Finally, you test each open port for known vulnerabilities. These are the three basic steps in which of the following types of testing?

answer

Penetration

Baseline

Patch level

Stress

A

Penetration
