Unsol Cs205 Quiz 3 Final Term by Moin Akhtar

CS205 QUIZ 3 FINAL TERM BY MOIN AKHTAR

1. Which team tests the patches in the test environment in the vulnerability management process?
• Information security team
• Risk & compliance team
• Business team
• IT operations team

2. Wireless access control comes under which category of CIS Top 20 Controls?
• Organizational
• Basic
• Advanced
• Foundational

3. Which of the following scans is deeper and gives more detailed scanning results?
• Initial options profile scan
• Un-credentialed vulnerability discovery
• Asset discovery scan
• Credentialed vulnerability scanning

4. Which CIS control is described in this module?
• Wireless access control
• Boundary defenses
• Malware defenses
• Data recovery capabilities

5. Which of the following system configuration management tools is used for Linux systems?
• Active Directory
• FIM
• Puppet
• CIS-CAT Pro

6. Which of the following CIS critical controls is discussed in this module?
• Data protection
• Secure configuration for network devices
• Malware defense
• Boundary defense

7. What feature set does the Qualys scanner offer?
• Cost-effective
• Cloud-based service
• Quarterly subscription
• Not scalable

8. Why does CIS recommend configuring a monitoring system in an organization's network?
• To detect compromise of systems at organization's network boundaries
• To record the network packets passing through the boundary
• To block malicious traffic at organization's network boundaries
• To block data loss through organization's network boundaries

9. In an enterprise, which software should be allowed to install and execute?
• Software displayed on the notice board.
• Software included in the white-list.
• Only paid software.
• Any freely available software.

10. What should standard secure configuration images represent?
• Hardened versions of the OS only.
• Hardened versions of the applications installed on the system only.
• Default configuration version of the OS only.
• Hardened versions of the underlying OS and the applications installed on the system.


11. What feature set does the Qualys scanner offer?
• Cloud-based service
• Not scalable
• Cost-effective
• Quarterly subscription

12. How many TCP and UDP ports are scanned in a default scan?
• No ports are scanned by default
• 1900 UDP ports and 180 TCP ports
• 1900 TCP ports and 180 UDP ports
• 65,535 TCP ports

13. What information do we get from open TCP and UDP ports?
• Whether the host is alive or not
• Network details of the host
• Which services are running on the host
• Which OS is running on the host

14. In which mode should vulnerability scanning be performed?
• Un-authenticated mode
• Deep scan mode
• Authenticated mode
• Dedicated mode

15. Which types of plugins are supported by the Nessus scanner?
• OWASP
• CIS and DISA
• SANS and NIST
• SEI

16. Which policy is recommended by the data protection control of CIS for mobile device usage in an organization?
• Hard drives of mobile devices should be encrypted
• Employees should use only personal mobile devices
• Mobile devices should not be allowed
• Mobile devices are allowed for higher management only

17. As per the limitation and control of network control of CIS, active ports, protocols, and services should be associated with:
• Software assets in asset inventory
• Hardware assets in asset inventory
• All the assets in asset inventory
• Active Directory domain

18. Which cloud storage should be allowed for use in an organization as per CIS?
• Hybrid cloud storage
• Authorized cloud storage
• Private cloud storage
• Public cloud storage

19. What should standard secure configuration images represent?
• Hardened versions of the OS only.
• Hardened versions of the applications installed on the system only.
• Default configuration version of the OS only.
• Hardened versions of the underlying OS and the applications installed on the system.
