timeout (in seconds)Max simultaneous checks per hostMax simultaneous hosts per scan142 Isidora runs a vulnerability scan of the management interface for her organization's DNS service. She receives the vulnerability report shown here. What should be Isidora's next action?Disable the use of cookies on this service.Request that the vendor rewrite the interface to avoid this vulnerability.Investigate the contents of the cookie.Shut down the DNS service.
143 Zara is prioritizing vulnerability scans and would like to base the frequency of scanning on the information asset value. Which of the following criteria would be most appropriate for her to use in this analysis?Cost of hardware acquisitionCost of hardware replacementTypes of information processedDepreciated hardware cost
144 Laura is working to upgrade her organization's vulnerability management program. She would like to add technology that is capable of retrieving the configurations of systems, even when they are highly secured. Many systems use local authentication, and she wants to avoid the burden of maintaining accounts on all of those systems. What technology should Laura consider to meet her requirement?Credentialed scanningUncredentialed scanningServer-based scanningAgent-based scanning
145 Javier discovered the vulnerability shown here in a system on his network. He is unsure what system component is affected. What type of service is causing this vulnerability?Backup serviceDatabase serviceFile sharingWeb service
146 Alicia runs a vulnerability scan of a server being prepared for production and finds the vulnerability shown here. Which one of the following actions is least likely to reduce this risk?Block all connections on port 22.Upgrade OpenSSH.Disable AES-GCM in the server configuration.Install a network IPS in front of the server.
147 After scanning his organization's email server, Singh discovered the vulnerability shown here. What is the most effective response that Singh can take in this situation?Upgrade to the most recent version of Microsoft Exchange.Upgrade to the most recent version of Microsoft Windows.Implement the use of strong encryption.No action is required.
148 A SQL injection exploit typically gains access to a database by exploiting a vulnerability in a(n)__________.Operating systemWeb applicationDatabase serverFirewallUse the following scenario to answer questions 149–151.Ryan ran a vulnerability scan of one of his organization's production systems and received the report shown here. He would like to understand this vulnerability better and then remediate the issue.
149 Ryan will not be able to correct the vulnerability for several days. In the meantime, he would like to configure his intrusion prevention system to watch for issues related to this vulnerability. Which one of the following protocols would an attacker use to exploit this vulnerability?SSHHTTPSFTPRDP
150 Which one of the following actions could Ryan take to remediate the underlying issue without disrupting business activity?Disable the IIS service.Apply a security patch.Modify the web application.Apply IPS rules.
151 If an attacker is able to exploit this vulnerability, what is the probable result that will have the highest impact on the organization?Administrative control of the serverComplete control of the domainAccess to configuration informationAccess to web application logs
152 Ted is configuring vulnerability scanning for a file server on his company's internal network. The server is positioned on the network as shown here. What types of vulnerability scans should Ted perform to balance the efficiency of scanning effort with expected results?Ted should not perform scans of servers on the internal network.Ted should only perform internal vulnerability scans.Ted should only perform external vulnerability scans.Ted should perform both internal and external vulnerability scans.
153 Zahra is attempting to determine the next task that she should take on from a list of security priorities. Her boss told her that she should focus on activities that have the most “bang for the buck.” Of the tasks shown here, which should she tackle first?Task 1Task 2Task 3Task 4
154 Kyong manages the vulnerability scans for his organization. The senior director that oversees Kyong's group provides a report to the CIO on a monthly basis on operational activity, and he includes the number of open critical vulnerabilities. He would like to provide this information to his director in as simple a manner as possible each month. What should Kyong do?Provide the director with access to the scanning system.Check the system each month for the correct number and email it to the director.Configure a report that provides the information to automatically send to the director's email at the proper time each month.Ask an administrative assistant to check the system and provide the director with the information.
155 Morgan is interpreting the vulnerability scan from her organization's network, shown here. She would like to determine which vulnerability to remediate first. Morgan would like to focus on vulnerabilities that are most easily exploitable by someone outside her organization. Assuming the firewall is properly configured, which one of the following vulnerabilities should Morgan give the highest priority?Severity 5 vulnerability in the workstationSeverity 1 vulnerability in the file serverSeverity 5 vulnerability in the web serverSeverity 1 vulnerability in the mail server
156 Mike runs a vulnerability scan against his company's virtualization environment and finds the vulnerability shown here in several of the virtual hosts. What action should Mike take?No action is necessary because this is an informational report.Mike should disable HTTP on the affected devices.Mike should upgrade the version of OpenSSL on the affected devices.Mike should immediately upgrade the hypervisor.
157 Juan recently scanned a system and found that it was running services on ports 139 and 445. What operating system is this system most likely running?UbuntuMacOSCentOSWindows
158 Gene is concerned about the theft of sensitive information stored in a database. Which one of the following vulnerabilities would pose the most direct threat to this information?SQL injectionCross-site scriptingBuffer overflowDenial of service
159 Which one of the following protocols is not likely to trigger a vulnerability scan alert when used to support a virtual private network (VPN)?IPsecSSL v2PPTPSSL v3
160 Rahul ran a vulnerability scan of a server that will be used for credit card processing in his environment and received a report containing the vulnerability shown here. What action must Rahul take?Remediate the vulnerability when possible.Remediate the vulnerability prior to moving the system into production and rerun the scan to obtain a clean result.Remediate the vulnerability within 90 days of moving the system to production.No action is required.Use the following scenario to answer questions 161–162.Aaron is scanning a server in his organization's data center and receives the vulnerability report shown here. The service is exposed only to internal hosts.
161 What is the normal function of the service with this vulnerability?File transferWeb hostingTime synchronizationNetwork addressing
162 What priority should Aaron place on remediating this vulnerability?Aaron should make this vulnerability his highest priority.Aaron should remediate this vulnerability urgently but does not need to drop everything.Aaron should remediate this vulnerability within the next month.Aaron does not need to assign any priority to remediating this vulnerability.
163 Without access to any additional information, which one of the following vulnerabilities would you consider the most severe if discovered on a production web server?CGI generic SQL injectionWeb application information disclosureWeb server uses basic authentication without HTTPSWeb server directory enumeration
164 Gina ran a vulnerability scan on three systems that her organization is planning to move to production and received the results shown here. How many of these issues should Gina require be resolved before moving to production?013All of these issues should be resolved
165 Ji-won recently restarted an old vulnerability scanner that had not been used in more than
