1. You know that your network has a web server that has missing patches; however, the vulnerability scanner says the webserver is not missing any
1. You know that your network has a web server that has missing patches; however, the vulnerability scanner says the webserver is not missing any patches. What is this called?
A. false positive
B. true negative
C. false negative
D. true positive
2. What is monitoring user behavior and comparing current behavior to a baseline?
A. Sentiment analysis
B. Log aggregation
C. Packet capture
D. User behavior analysis (UBA)
3. Your vulnerability scanner tells you that your web server is not missing any patches. Before the scan, you updated your web server with all the patches. What do we call this situation?
A. true positive
B. false positive
C. true negative
D. false negative
4. What are tools that automatically detect and respond to suspicious activity?
A. Common Vulnerabilities and Exposures (CVE)
B. Security Information and Event Management (SIEM)
C. Common Vulnerability Scoring System (CVSS)
D. Security Orchestration, Automation, and Response (SOAR)
5. Which of the following is NOT part of a vulnerability scan?
A. Identify lack of security controls
B. Passively test security controls
C. Exploit vulnerabilities
D. Identify common misconfigurations
6. Which testing is intrusive and can potentially bring down a system?
A. non-credentialed scanning
B. pen-testing
C. credentialed scanning
D. vulnerability scanning
7. What does a vulnerability scanner use to identify potential vulnerabilities?
A. hashing
B. database of known vulnerabilities
C. false positives
D. key loggers
8. _____ is an open standard that assesses the severity of vulnerabilities.
A. Common Vulnerability Scoring System (CVSS)
B. Common Vulnerabilities and Exposures (CVE)
C. Security Information and Event Management (SIEM)
D. Security Orchestration, Automation, and Response (SOAR)
9. What is putting dissimilar data into the same format for convenient searching and analyzing?
A. User behavior analysis (UBA)
B. Log aggregation
C. Packet capture
D. Sentiment analysis
10. What is analyzing text to detect an opinion or emotion?
A. Sentiment analysis
B. Packet capture
C. User behavior analysis (UBA)
D. Log aggregation
Step by Step Solution
There are 3 Steps involved in it
Step: 1
1A false negative A false negative occurs when a test result incorrectly indicates that something is not present when it actually is In this case the vulnerability scanner incorrectly indicates that t...
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started
Authors: Michael E. Whitman, Herbert J. Mattord
4th Edition
978-1111138219, 1111138214, 978-1285448367
