Your Perfect Assignment is Just a Click Away

We Write Custom Academic Papers

100% Original, Plagiarism Free, Customized to your instructions!

glass
pen
clip
papers
heaphones

Proficiency Test

Proficiency Test

Proficiency Test

Scan policies define:

 

Which scan zone SecurityCenter should use

 

The repository where scan data should be stored

 

Which targets to scan

 

Which plugins, or checks, to run against a target

Scan Zones in SecurityCenter provide which major benefit:

 

Simplify compliance scanning

 

Improve PVS performance

 

Limit network impact of active scanning

 

Ease of scanner administration

What are the two types of Analysis Tools in SecurityCenter?

 

None of these

 

Summary and List

 

Filtered and Unfiltered

 

Exploited and Mitigated

Which of the following can be done when using an Analysis Tool?

 

Create an asset list

 

Close a ticket

 

Start a scan

 

Save a query

To display vulnerabilities that have been discovered in the last seven days, you would choose:

 

Edit Filters, Date Filters, Vulnerability Discovered, More than 7 days ago

 

Edit Filters, Date Filters, Vulnerability Published, Within the last 7 days

 

Edit Filters, Date Filters, Vulnerability Discovered, Within the last 7 days

 

Edit Filters, Date Filters, Vulnerability Last Observed, Within the last 7 days

The ‘Remediation Summary’ analysis tool shows:

 

Which actions SecurityCenter will take to improve security in your environment

 

A summary of vulnerabilities which have already been remediated

 

Solutions to vulnerabilities and the percentage of risk that would be reduced for each solution applied

 

A list of Microsoft patches required in your environment

Dashboard Components display data visually that is defined by:

 

Filter or Query

 

Scan Policy

 

Report or Scan

 

Audit File

Active Filters can be cleared one at a time by clicking the ‘X’ for the condition, or all at once by clicking on ‘Clear’ at the top of the Active Filters list.

 

true

 

false

Clicking the ‘Analysis’ drop-down allows you to select:

 

The type of data to analyze

 

The filter types to enable

 

The type of event to analyze

 

The alerting functionality

Dashboard components display visual data that is defined by which of the following?

 

Filter or Query

 

Scan Policy

 

Report or Scan

 

Audit File

For Linux/Unix systems that will be using SSH public key authentication for credentialed scanning, what information must be included in the scan policy?

 

The public key

 

The private key and passphrase

 

The public key, private key, and passphrase

 

The passphrase

Which of the following can be done with a report in SecurityCenter?

 

Schedule the report

 

Email the report

 

Publish the report to a website

 

All of the above

Credentialed patch audits can perform all of the following functions except:

 

Event correlation

 

Host discovery

 

Vulnerability discovery

 

Service discovery

Assurance Report Cards (ARCs) are designed to:

 

Provide actionable reports you can provide system administrators

 

Give highly detailed information about systems on the network

 

All of these

 

Bridge the communication gap between business executives and security professionals

If a scan is created with a schedule option of “Dependent”, what does that mean?

 

This scan will run upon completion of the scan chosen in the drop-down menu

 

The scan will only run if entered Boolean conditions match

 

The operating system of the target host must match the selected value before the scan will run

 

When this scan is complete, it will initiate the scan chosen from the drop-down menu

 

A scan policy template for a credentialed scan should include the following:

 

Root or Administrator system credentials

 

Standard user system credentials

 

RSA SecurID server information

 

None of these

1. For Linux/Unix systems that support SSH, what is the best practice recommendation for credentialed scan authentication?

 

OAuth authentication

 

SSH public key authentication with a passphrase

 

SecurID

 

Username / password

 

1. What is the difference between a host discovery scan and a basic network scan?

 

The network scan discovers hosts, services, and vulnerabilities, whereas the host discovery scan only discovers hosts and services running on open ports

 

The basic network scan requires credentials

 

The basic network scan will identify cloud services in use

 

The host discovery scan requires SecurityCenter to see all network traffic

 

1. The ‘List OS’ analysis tool shows:

 

A list of operating systems which SecurityCenter can detect

 

A list of the top 10 operating systems detected on the network

 

A list of operating systems and the number of vulnerabilities found

 

Only operating systems with at least 1 critical vulnerability

 

1. Using an SNMP community string for login is an example of:

 

Privilege escalation

 

SNMP community strings are not supported

 

Two-factor authentication

 

Keypair authentication

 

Compliance auditing is:

 

Only required by organizations in the government, financial, and industrial sectors

 

For organizations subject to PCI requirements

 

Comparing scan results with an established standard and reporting the deviations

 

Comparing scan results to trending vulnerabilities

 

Before a user adds a scan, which of the following would have been created (usually by another user, e.g., admin):

 

Scan Zones

 

Repositories

 

All of these

 

Scan Policies

 

Tenable provides pre-configured dashboard templates:

 

On the Tenable Dashboard Blog only

 

That become available by default after defining asset lists and running the first vulnerability scan

 

On the Tenable Dashboard Blog and in the “Add Dashboard” screen

 

On the “Add Dashboard” screen only

 

Credentialed scans can use all of the following protocols except:

 

Kerberos

 

SSH

 

OSPF

 

SNMP

 

Which of the following is NOT true about credentials in SecurityCenter?

 

Credentials can be shared among Organizations

 

Kerberos is one of many types of credentials supported

 

You can only specify one SSH username and password per credential

 

Credentials are reusable

 

Dashboard tabs are used to:

 

Provide organized, consolidated, and named groupings for vulnerability and event data

 

Separate active and passive data only

 

Display data on the next visual page

 

None of these

 

Which of the following is a valid post scan option?

 

Email the user who created the scan for each critical or high vulnerability that is found

 

Run a report

 

If the scan times out and does not complete, discard all results and restart the scan

 

Remove vulnerabilities from scanned hosts that do not reply

 

Which are the two types of Assurance Report Card?

 

Compliance or Executive

 

Vulnerability or Event

 

Executive or CIO

 

None of the these

 

The definitions of individual scan, cumulative, and mitigated vulnerability analysis do NOT include:

 

A single scan’s results, useful to show point-in time data

 

Alerting based on vulnerability results

 

Allows the user to filter results based on when the vulnerability was mitigated

 

Current vulnerabilities, including those recast, accepted or mitigated

 

On Windows hosts, the following is NOT a requirement for credentialed scans:

 

The authentication method must be set to classic

 

WMI service must be running and either set to a static port, or all ports must be opened between the Nessus scanner and the target host

 

All of these are required

 

The remote registry service must be disabled

 

File and print sharing must be enabled

 

Which of the following can be used for credentialed scans in SecurityCenter?

 

Encrypted username and password

 

All of these

 

Clear text username and password

 

RSA/DSA key pairs

 

Before performing scan analysis, the following is required:

 

Credentialed scans of all target systems

 

Active scan data and access to the repository containing the data

 

Passive AND Active scan data, as well as access to the repository containing the data

 

Queries created based upon the data you wish to analyze

 

After configuring vulnerability or event filters as desired, you can save your result as a:

 

Filtered Results List

 

Query

 

None of these

 

Saved Vulnerability List

 

Analyzing cumulative data is useful:

 

To view vulnerabilities that have been remediated

 

To extract point-in-time information with a narrow focus

 

To view trending information

 

To understand the full exposure of the network

ARCs can assist in checking for compliance with which of the following?

 

Internal policies

 

Business objectives

 

All of these

 

Industry/Government compliance requirements

 

Configuration recommendations that are typical for a secure baseline configuration from which to gauge compliance include all of the following except:

 

Listening service configuration

 

Sensitive data

 

Age of system hardware

 

Password complexity

 

System logging

 

The components required for each scan within SecurityCenter are:

 

Name, scan zone, repository, credentials, and targets

 

Schedule, asset, targets, and a post-scan report

 

Name, scan policy, scan zone, repository, and targets

 

Credentials, audit checks, repository, scan zone, and targets

 

Which of these is a valid scan target definition?

 

10.0.0.1-10.0.10.100

 

10.0.0.0/16

 

10.0.0.1,10.0.0.3

 

All of these

 

Why would you NOT want to store credentialed and non-credentialed data in the same repository?

 

Exporting the data will take too long

 

Mitigation information may be inaccurate

 

You can’t report on the data

 

If exported, you can’t import the data

 

When scanning a database, Tenable recommends that you:

 

Scan any other applications running on the database server

 

All of these

 

Scan the database software

 

Scan the operating system of the database server

 

When evaluating compliance scan results, you should want to focus on:

 

Compliant systems

 

Deviant systems

 

All of these

 

Offline systems

 

Vulnerabilities can be analyzed either as:

 

Mitigated or Resolved

 

Cumulative or Mitigated

 

Active or Transient

 

Active or Completed

Regarding ARCs in SecurityCenter, what does “CCC” stand for?

 

Cyber Common Controls

 

Common Cyber Controls

 

Critical Cyber Controls

 

Cyber Critical Controls

 

The types of repositories are:

 

Local, Remote, and Custom

 

IPv4, IPv6, Mobile, External, and Offline

 

Local, Cloud, and Offline

 

Compliance, Vulnerability, and Network

 

Scan policies can be created from:

 

Pre-configured template

 

Customized new template based on internal policies

 

All of these

 

Existing template

 

Compliance results use Info, High, and Medium severities to indicate:

 

Warning, Fail, and Contact Support

 

Fail, Pass, and Unable to complete the check

 

Pass, Fail, and More Information Required

 

Pass, Fail, and Unable to complete the check

 

Which of the following is true about a scan in SecurityCenter?

 

It must contain a scan policy

 

All of these

 

It can be restricted to specific targets

 

It can be scheduled to run

 

Why is it advisable to assign scanners to scan zones based on network topology?

 

It is not advisable since SecurityCenter will assign scanners on the fly

 

To avoid scanning offline systems

 

To avoid issues created by scanning through firewalls

 

To allow SecurityCenter to accurately update plugins on remote scanners

 

When on the ‘Add Active Scan’ page, if “Automatic Distribution Only” is set for the Organization’s scanning distribution method by the admin, the scanner used will be:

 

SecurityCenter picks the first available scanner, regardless where it is located in relation to the targets

 

None of these

 

SecurityCenter uses all available scanners and distributes the load

 

SecurityCenter picks the best available scanner in the target’s scan zone

 

SecurityCenter uses the scanner set as “default” during the initial configuration

 

Which analysis tool would you use to view detected web servers?

 

List Web Servers

 

List SSH Servers

 

Protocol Summary

 

None of these

 

If you were looking for specific hosts, which set of filters would be useful?

 

Workflow Filters

 

Plugin Filters

 

Date Filters

 

Target Filters

 

The first step to achieving compliance is:

 

Establishing a recommended and secure baseline host configuration

 

Conducting a full-scope PCI audit

 

Launching a credentialed patch audit

 

Hiring a third-party auditor

 

When using a policy template to create a policy, it is recommended to leave the default settings selected for all of the following reasons except:

 

Only plugins which are applicable to the target are executed

 

Pre-built policies are tailored by Tenable to meet most needs

 

These policies require minimal effort to configure

 

Conducting web application scans

 

Dynamic Asset Lists can be created from templates which:

 

Create scan policies based on asset lists

 

Export Asset Lists to a compatible asset tracking suite

 

None of these

 

Provide fast creation of commonly used Asset Lists

 

Nessus is an active scanner that connects to hosts in your network and identifies:

 

Vulnerabilities

 

Applications

 

Hosts

 

Services

 

All of these

 

If you are performing network and credentialed scans against the same targets, you should ___________ to ensure accurate mitigation data.

 

Create separate repositories to store each type of scan data

 

Configure SecurityCenter to discard all network scan data

 

Scan them using different user accounts

 

Create a separate organization

Order Solution Now

Our Service Charter

1. Professional & Expert Writers: On Time Writers only hire the best. Our writers are specially selected and recruited, after which they undergo further training to perfect their skills for specialization purposes. Moreover, our writers are holders of masters and Ph.D. degrees. They have impressive academic records, besides being native English speakers.

2. Top Quality Papers: Our customers are always guaranteed papers that exceed their expectations. All our writers have +5 years of experience. This implies that all papers are written by individuals who are experts in their fields. In addition, the quality team reviews all the papers before sending them to the customers.

3. Plagiarism-Free Papers: All papers provided by On Time Writers are written from scratch. Appropriate referencing and citation of key information are followed. Plagiarism checkers are used by the Quality assurance team and our editors just to double-check that there are no instances of plagiarism.

4. Timely Delivery: Time wasted is equivalent to a failed dedication and commitment. On Time Writers is known for timely delivery of any pending customer orders. Customers are well informed of the progress of their papers to ensure they keep track of what the writer is providing before the final draft is sent for grading.

5. Affordable Prices: Our prices are fairly structured to fit all groups. Any customer willing to place their assignments with us can do so at very affordable prices. In addition, our customers enjoy regular discounts and bonuses.

6. 24/7 Customer Support: At On Time Writers, we have put in place a team of experts who answer all customer inquiries promptly. The best part is the ever-availability of the team. Customers can make inquiries anytime.