A security analyst performs various types of vulnerability scans. Network Diagram DMZ Anonymizing Proxy External Host Mail Proxy Linux Web Server Directory Server File Print Server Server VLAReview the vulnerability scan results to determine the type of scan that was executed and if a false positive
occurred for each device.
Instructions:
Select the Results Generated drop-down option to determine if the results were generated from a credentialed
scan, non-credentialed scan, or a compliance scan.
For ONLY the credentialed and non-credentialed scans, evaluate the results for false positives and check the
findings that display false positives. NOTE: If you would like to uncheck an option that is currently selected, click
on the option a second time.
Lastly, based on the vulnerability scan results, identify the type of Server by dragging the Server to the results.
The Linux Web Server, File-Print Server and Directory Server are draggable.
If at any time you would like to bring back the initial state of the simulation, please select the Reset All button.
When you have completed the simulation, please select the Done button to submit. Once the simulation is
submitted, please select the Next button to continue.
Network Diagram DMZ Anonymizing Proxy External Host Mail Proxy Linux Web Server Directory Server File Print Server Server VLAN Switch Switch Switch Windows Workstation Linux Workstation Thin Client Switch User VLAN Internet Router Firewall Hot Area: Results Generated False Positive Findings Listing 1 Critical (100) 12209 Security Update for Microsoft Windows (835732) Critical (10.0) 13852 Microsoft Windows Task Scheduler Remote Overflow (841873) Critical (10.) 18502 Vulnerability in SM B Could allow Remote Code Execution (896422) Critical (100) 58662 Samba 3.x<3.6.4/3.5.14/3.4.16 RPC Multiple Buffer Overflows (20161146) Critical (10.0) 19407 Vulnerability in Printer Spooler Service Could Allow Remote Code Execution (896423) Credentialed Non-Credentialed Compliance Results Generated False Positive Findings Listing 2 Critical (100) 19407 Vulnerability in Printer Spooler Service Could Allow Remote Code Execution (896423) Critical (10.0) 11890 Ubuntu 5.0/5.10/6.06 LTS : Buffer Overrun in Messenger Service (CVE-2016-8035) Critical (10.0) 27942 Ubuntu 5.04/5.10/6.06 LTS : php5 vulnerabilities (CVE-2016-362-1) Critical (10.0) 27978 Ubuntu 5.10/6.06 LTS/6.10 :gnupg vulnerability (CVE-2016-3931) Critical (10.0) 28017 Ubuntu 5.10/6.06 LTS/6.10 : php5 regression (CVE-2016-4242) Credentialed Non-Credentialed Compliance Results Generated OOOOO False Positive Findings Listing 3 WARNING (1.0.1) System cryptography. Force strong key protection for user keys stored on the computer. Prompt the User each time a key is first used INFORM (1.2.4) Network access: Do not allow anonymous enumeration of SAM accounts: Enabled INFORM (1.3.4) Network access: Do not allow anonymous enumeration of SAM accounts and shares: Enabled INFORM (1.5.0) Network access: Let everyone permissions apply to anonymous users: Disabled INFORM (1.6.5) Network access: Sharing and security model for local accounts Classic - local users authenticate as themselves Credentialed Non-Credentialed Compliance