Chapter 13

9 September 2022
4.7 (114 reviews)
20 test answers

Unlock all answers in this set

Unlock answers (16)
question
At what point in a vulnerability assessment would an attack tree be utilized?
answer
Threat evaluation
question
Which of the following data sensitivity labels has the lowest level of data sensitivity?
answer
Public
question
Which statement regarding a honeypot is NOT true?
answer
It cannot be part of a honeynet
question
Which of the following constructs scenarios of the type of threats that assets can face to learn who attackers are, why they attack, and what type of attacks may occur?
answer
Threat modeling
question
Which of the following sends "probes" to network devices and examines the responses to evaluate whether a specific device needs remediation?
answer
Active scanner
question
Which of these should NOT be classified as an asset?
answer
Accounts payable
question
Which of the following is NOT true about privacy?
answer
Today, individuals can achieve any level of privacy that is desired.
question
Which of the following data sensitivity labels is the highest level of data sensitivity?
answer
Confidential
question
Which of the following is a systematic and methodical evaluation of the exposure of assets to attackers, forces of nature, and any other entity that could cause potential harm?
answer
Vulnerability assessment
question
Which of the following tools is Linux command-line protocol analyzer?
answer
Tcpdump
question
Which of the following is NOT a risk associated with the use of private data?
answer
Devices being infected with malware
question
Which of the following is NOT an issue raised regarding how private data is gathered and used?
answer
By law, all encrypted data must contain a "backdoor" entry point.
question
Is a tester is given the IP address, network diagrams, and source code of customer applications, the tester is using which technique?
answer
White box
question
Which of the following must be kept secure as mandated by HIPPA?
answer
PHI
question
Which of the following command line tools tests a connection between two network devices?
answer
Ping
question
Which statement regarding vulnerability appraisal is NOT true?
answer
Vulnerability appraisal is always the easiest and quickest step
question
If a software application aborts and leave the program open, which control structure is it using?
answer
Fail-open
question
Which of the following is NOT a function of a vulnerability scanner?
answer
Alerts users when a new patch cannot be found
question
Which of these is NOT a state of a port that can be returned by a port scanner?
answer
Busy
question
Which of the following is a command line alternative to Nmap?
answer
Netcat