Computer Science homework help. Scan policies define:
Which scan zone SecurityCenter should useü
The repository where scan data should be stored
Which targets to scan
Which plugins, or checks, to run against a target
Scan Zones in SecurityCenter provide which major benefit:
Simplify compliance scanning
Improve PVS performance
Limit network impact of active scanning
Ease of scanner administrationü
What are the two types of Analysis Tools in SecurityCenter?
None of these
Summary and Listü
Filtered and Unfiltered
Exploited and Mitigated
Which of the following can be done when using an Analysis Tool?
Create an asset listü
Close a ticket
Start a scan
Save a query
To display vulnerabilities that have been discovered in the last seven days, you would choose:
Edit Filters, Date Filters, Vulnerability Discovered, More than 7 days ago
Edit Filters, Date Filters, Vulnerability Published, Within the last 7 days
Edit Filters, Date Filters, Vulnerability Discovered, Within the last 7 daysü
Edit Filters, Date Filters, Vulnerability Last Observed, Within the last 7 days
The ‘Remediation Summary’ analysis tool shows:
Which actions SecurityCenter will take to improve security in your environment
A summary of vulnerabilities which have already been remediatedü
Solutions to vulnerabilities and the percentage of risk that would be reduced for each solution applied
A list of Microsoft patches required in your environment
Dashboard Components display data visually that is defined by:
Filter or Queryü
Scan Policy
Report or Scan
Audit File
Active Filters can be cleared one at a time by clicking the ‘X’ for the condition, or all at once by clicking on ‘Clear’ at the top of the Active Filters list.
trueü
false
Clicking the ‘Analysis’ drop-down allows you to select:
The type of data to analyzeü
The filter types to enable
The type of event to analyze
The alerting functionality
Dashboard components display visual data that is defined by which of the following?
Filter or Queryü
Scan Policy
Report or Scan
Audit File
For Linux/Unix systems that will be using SSH public key authentication for credentialed scanning, what information must be included in the scan policy?
The public key
The private key and passphrase
The public key, private key, and passphraseü
The passphrase
Which of the following can be done with a report in SecurityCenter?
Schedule the report
Email the report
Publish the report to a website
All of the aboveü
Credentialed patch audits can perform all of the following functions except:
Event correlation
Host discoveryü
Vulnerability discovery
Service discovery
Compliance results use Info, High, and Medium severities to indicate:
Provide actionable reports you can provide system administrators
Give highly detailed information about systems on the network
All of theseü
Bridge the communication gap between business executives and security professionals
If a scan is created with a schedule option of “Dependent”, what does that mean?
This scan will run upon completion of the scan chosen in the drop-down menuü
The scan will only run if entered Boolean conditions match
The operating system of the target host must match the selected value before the scan will run
When this scan is complete, it will initiate the scan chosen from the drop-down menu
A scan policy template for a credentialed scan should include the following:
Root or Administrator system credentials
Standard user system credentialsü
RSA SecurID server information
None of these
- For Linux/Unix systems that support SSH, what is the best practice recommendation for credentialed scan authentication?
OAuth authentication
SSH public key authentication with a passphraseü
SecurID
Username / password
- What is the difference between a host discovery scan and a basic network scan?
The network scan discovers hosts, services, and vulnerabilities, whereas the host discovery scan only discovers hosts and services running on open portsü
The basic network scan requires credentials
The basic network scan will identify cloud services in use
The host discovery scan requires SecurityCenter to see all network traffic
- The ‘List OS’ analysis tool shows:
A list of operating systems which SecurityCenter can detect
A list of the top 10 operating systems detected on the network
A list of operating systems and the number of vulnerabilities foundü
Only operating systems with at least 1 critical vulnerability
- Using an SNMP community string for login is an example of:
Privilege escalation
SNMP community strings are not supported
Two-factor authentication
Keypair authenticationü
Compliance auditing is:
Only required by organizations in the government, financial, and industrial sectors
For organizations subject to PCI requirementsü
Comparing scan results with an established standard and reporting the deviations
Comparing scan results to trending vulnerabilities
Before a user adds a scan, which of the following would have been created (usually by another user, e.g., admin):
Scan Zones
Repositories
All of theseü
Scan Policies
Tenable provides pre-configured dashboard templates:
On the Tenable Dashboard Blog only
That become available by default after defining asset lists and running the first vulnerability scanü
On the Tenable Dashboard Blog and in the “Add Dashboard” screen
On the “Add Dashboard” screen only
Credentialed scans can use all of the following protocols except:
Kerberos
SSH
OSPFü
SNMP
Which of the following is NOT true about credentials in SecurityCenter?
Credentials can be shared among Organizationsü
Kerberos is one of many types of credentials supported
You can only specify one SSH username and password per credential
Credentials are reusable
Dashboard tabs are used to:
Provide organized, consolidated, and named groupings for vulnerability and event dataü
Separate active and passive data only
Display data on the next visual page
None of these
Which of the following is a valid post scan option?
Email the user who created the scan for each critical or high vulnerability that is found
Run a reportü
If the scan times out and does not complete, discard all results and restart the scan
Remove vulnerabilities from scanned hosts that do not reply
Which are the two types of Assurance Report Card?
Compliance or Executive
Vulnerability or Eventü
Executive or CIO
None of the these
The definitions of individual scan, cumulative, and mitigated vulnerability analysis do NOT include:
A single scan’s results, useful to show point-in time dataü
Alerting based on vulnerability results
Allows the user to filter results based on when the vulnerability was mitigated
Current vulnerabilities, including those recast, accepted or mitigated
On Windows hosts, the following is NOT a requirement for credentialed scans:
The authentication method must be set to classicü
WMI service must be running and either set to a static port, or all ports must be opened between the Nessus scanner and the target host
All of these are required
The remote registry service must be disabled
File and print sharing must be enabled
Which of the following can be used for credentialed scans in SecurityCenter?
Encrypted username and password
All of these
Clear text username and passwordü
RSA/DSA key pairs
Before performing scan analysis, the following is required:
Credentialed scans of all target systemsü
Active scan data and access to the repository containing the data
Passive AND Active scan data, as well as access to the repository containing the data
Queries created based upon the data you wish to analyze
After configuring vulnerability or event filters as desired, you can save your result as a:
Filtered Results Listü
Query
None of these
Saved Vulnerability List
Analyzing cumulative data is useful:
To view vulnerabilities that have been remediated
To extract point-in-time information with a narrow focus
To view trending information
To understand the full exposure of the networkü
ARCs can assist in checking for compliance with which of the following?
Internal policiesü
Business objectives
All of these
Industry/Government compliance requirements
Configuration recommendations that are typical for a secure baseline configuration from which to gauge compliance include all of the following except:
Listening service configurationü
Sensitive data
Age of system hardware
Password complexity
System logging
The components required for each scan within SecurityCenter are:
Name, scan zone, repository, credentials, and targetsü
Schedule, asset, targets, and a post-scan report
Name, scan policy, scan zone, repository, and targets
Credentials, audit checks, repository, scan zone, and targets
Which of these is a valid scan target definition?
10.0.0.1-10.0.10.100ü
10.0.0.0/16
10.0.0.1,10.0.0.3
All of these
Why would you NOT want to store credentialed and non-credentialed data in the same repository?
Exporting the data will take too long
Mitigation information may be inaccurate
You can’t report on the dataü
If exported, you can’t import the data
When scanning a database, Tenable recommends that you:
Scan any other applications running on the database server
All of theseü
Scan the database software
Scan the operating system of the database server
When evaluating compliance scan results, you should want to focus on:
Compliant systems
Deviant systems
All of theseü
Offline systems
Vulnerabilities can be analyzed either as:
Mitigated or Resolvedü
Cumulative or Mitigated
Active or Transient
Active or Completed
Regarding ARCs in SecurityCenter, what does “CCC” stand for?
Cyber Common Controls
Common Cyber Controls
Critical Cyber Controlsü
Cyber Critical Controls
The types of repositories are:
Local, Remote, and Custom
IPv4, IPv6, Mobile, External, and Offline
Local, Cloud, and Offlineü
Compliance, Vulnerability, and Network
Scan policies can be created from:
Pre-configured template
Customized new template based on internal policies
All of theseü
Existing template
Compliance results use Info, High, and Medium severities to indicate:
Warning, Fail, and Contact Supportü
Fail, Pass, and Unable to complete the check
Pass, Fail, and More Information Required
Pass, Fail, and Unable to complete the check
Which of the following is true about a scan in SecurityCenter?
It must contain a scan policy
All of theseü
It can be restricted to specific targets
It can be scheduled to run
Why is it advisable to assign scanners to scan zones based on network topology?
It is not advisable since SecurityCenter will assign scanners on the flyü
To avoid scanning offline systems
To avoid issues created by scanning through firewalls
To allow SecurityCenter to accurately update plugins on remote scanners
When on the ‘Add Active Scan’ page, if “Automatic Distribution Only” is set for the Organization’s scanning distribution method by the admin, the scanner used will be:
SecurityCenter picks the first available scanner, regardless where it is located in relation to the targets
None of these
SecurityCenter uses all available scanners and distributes the loadü
SecurityCenter picks the best available scanner in the target’s scan zone
SecurityCenter uses the scanner set as “default” during the initial configuration
Which analysis tool would you use to view detected web servers?
List Web Servers
List SSH Servers
Protocol Summary
None of theseü
If you were looking for specific hosts, which set of filters would be useful?
Workflow Filters
Plugin Filters
Date Filters
Target Filtersü
The first step to achieving compliance is:
Establishing a recommended and secure baseline host configuration
Conducting a full-scope PCI auditü
Launching a credentialed patch audit
Hiring a third-party auditor
When using a policy template to create a policy, it is recommended to leave the default settings selected for all of the following reasons except:
Only plugins which are applicable to the target are executed
Pre-built policies are tailored by Tenable to meet most needs
These policies require minimal effort to configure
Conducting web application scansü
Dynamic Asset Lists can be created from templates which:
Create scan policies based on asset listsü
Export Asset Lists to a compatible asset tracking suite
None of these
Provide fast creation of commonly used Asset Lists
Nessus is an active scanner that connects to hosts in your network and identifies:
Vulnerabilitiesü
Applications
Hosts
Services
All of these
If you are performing network and credentialed scans against the same targets, you should ___________ to ensure accurate mitigation data.
Create separate repositories to store each type of scan dataü
Configure SecurityCenter to discard all network scan data
Scan them using different user accounts
Create a separate organization
Running a report consists of all of these steps except:
Defining the report type and style
Which of the following is NOT true about credentials in SecurityCenter?
Creating a query
Viewing the report results
Running the report to collect the data
Compliance standards come from:
Government or legal standards
Internal policies
Security organizations
Best practice recommendations from software vendors
All of these
To display only vulnerabilities that have an exploit available, you would perform which action?
Set the Exploit Available filter to ‘Yes’
Set the CVSS Score filter to ‘9.5-10.0’
Set the Vulnerability Text filter to ‘Exploitable’
Which is not an available filter category in SecurityCenter?
Date Filters
ID Filters
Workflow Filters
Systems Compromised
Vulnerability Filters
Target Filters
Which of the following scans require credentials in SecurityCenter?
Running process auditing
Anti-Virus Agent auditing
All of these
Botnet detection
SA 1.b.ii.2.
The ‘Vulnerability Summary’ analysis tool shows:
A summary of vulnerabilities by host
A list of systems which exist in your environment, as well as their vulnerabilities
The number of hosts impacted by a given vulnerability
The number of assets impacted by a given vulnerability
What is an Asset List in SecurityCenter?
None of these
A list of IP-addressable devices
A list of Tenable products
A list of Users in an Organization
Which of the following is not an available scan policy template provided by Tenable?
Web Application Tests
Host Discovery
Policy Compliance Audit
SSH Scan
