Loading...

Messages

Proposals

Stuck in your homework and missing deadline? Get urgent help in $10/Page with 24 hours deadline

Get Urgent Writing Help In Your Essays, Assignments, Homeworks, Dissertation, Thesis Or Coursework & Achieve A+ Grades.

Privacy Guaranteed - 100% Plagiarism Free Writing - Free Turnitin Report - Professional And Experienced Writers - 24/7 Online Support

The components required for each scan within securitycenter are

08/10/2021 Client: muhammad11 Deadline: 2 Day

Proficiency Test

Scan policies define:

Which scan zone SecurityCenter should use

The repository where scan data should be stored

Which targets to scan

Which plugins, or checks, to run against a target

Scan Zones in SecurityCenter provide which major benefit:

Simplify compliance scanning

Improve PVS performance

Limit network impact of active scanning

Ease of scanner administration

What are the two types of Analysis Tools in SecurityCenter?

None of these

Summary and List

Filtered and Unfiltered

Exploited and Mitigated

Which of the following can be done when using an Analysis Tool?

Create an asset list

Close a ticket

Start a scan

Save a query

To display vulnerabilities that have been discovered in the last seven days, you would choose:

Edit Filters, Date Filters, Vulnerability Discovered, More than 7 days ago

Edit Filters, Date Filters, Vulnerability Published, Within the last 7 days

Edit Filters, Date Filters, Vulnerability Discovered, Within the last 7 days

Edit Filters, Date Filters, Vulnerability Last Observed, Within the last 7 days

The ‘Remediation Summary’ analysis tool shows:

Which actions SecurityCenter will take to improve security in your environment

A summary of vulnerabilities which have already been remediated

Solutions to vulnerabilities and the percentage of risk that would be reduced for each solution applied

A list of Microsoft patches required in your environment

Dashboard Components display data visually that is defined by:

Filter or Query

Scan Policy

Report or Scan

Audit File

Active Filters can be cleared one at a time by clicking the ‘X’ for the condition, or all at once by clicking on ‘Clear’ at the top of the Active Filters list.

true

false

Clicking the ‘Analysis’ drop-down allows you to select:

The type of data to analyze

The filter types to enable

The type of event to analyze

The alerting functionality

Dashboard components display visual data that is defined by which of the following?

Filter or Query

Scan Policy

Report or Scan

Audit File

For Linux/Unix systems that will be using SSH public key authentication for credentialed scanning, what information must be included in the scan policy?

The public key

The private key and passphrase

The public key, private key, and passphrase

The passphrase

Which of the following can be done with a report in SecurityCenter?

Schedule the report

Email the report

Publish the report to a website

All of the above

Credentialed patch audits can perform all of the following functions except:

Event correlation

Host discovery

Vulnerability discovery

Service discovery

Compliance results use Info, High, and Medium severities to indicate:

Provide actionable reports you can provide system administrators

Give highly detailed information about systems on the network

All of these

Bridge the communication gap between business executives and security professionals

If a scan is created with a schedule option of “Dependent”, what does that mean?

This scan will run upon completion of the scan chosen in the drop-down menu

The scan will only run if entered Boolean conditions match

The operating system of the target host must match the selected value before the scan will run

When this scan is complete, it will initiate the scan chosen from the drop-down menu

A scan policy template for a credentialed scan should include the following:

Root or Administrator system credentials

Standard user system credentials

RSA SecurID server information

None of these

1. For Linux/Unix systems that support SSH, what is the best practice recommendation for credentialed scan authentication?

OAuth authentication

SSH public key authentication with a passphrase

SecurID

Username / password

1. What is the difference between a host discovery scan and a basic network scan?

The network scan discovers hosts, services, and vulnerabilities, whereas the host discovery scan only discovers hosts and services running on open ports

The basic network scan requires credentials

The basic network scan will identify cloud services in use

The host discovery scan requires SecurityCenter to see all network traffic

1. The ‘List OS’ analysis tool shows:

A list of operating systems which SecurityCenter can detect

A list of the top 10 operating systems detected on the network

A list of operating systems and the number of vulnerabilities found

Only operating systems with at least 1 critical vulnerability

1. Using an SNMP community string for login is an example of:

Privilege escalation

SNMP community strings are not supported

Two-factor authentication

Keypair authentication

Compliance auditing is:

Only required by organizations in the government, financial, and industrial sectors

For organizations subject to PCI requirements

Comparing scan results with an established standard and reporting the deviations

Comparing scan results to trending vulnerabilities

Before a user adds a scan, which of the following would have been created (usually by another user, e.g., admin):

Scan Zones

Repositories

All of these

Scan Policies

Tenable provides pre-configured dashboard templates:

On the Tenable Dashboard Blog only

That become available by default after defining asset lists and running the first vulnerability scan

On the Tenable Dashboard Blog and in the “Add Dashboard” screen

On the “Add Dashboard” screen only

Credentialed scans can use all of the following protocols except:

Kerberos

SSH

OSPF

SNMP

Which of the following is NOT true about credentials in SecurityCenter?

Credentials can be shared among Organizations

Kerberos is one of many types of credentials supported

You can only specify one SSH username and password per credential

Credentials are reusable

Dashboard tabs are used to:

Provide organized, consolidated, and named groupings for vulnerability and event data

Separate active and passive data only

Display data on the next visual page

None of these

Which of the following is a valid post scan option?

Email the user who created the scan for each critical or high vulnerability that is found

Run a report

If the scan times out and does not complete, discard all results and restart the scan

Remove vulnerabilities from scanned hosts that do not reply

Which are the two types of Assurance Report Card?

Compliance or Executive

Vulnerability or Event

Executive or CIO

None of the these

The definitions of individual scan, cumulative, and mitigated vulnerability analysis do NOT include:

A single scan’s results, useful to show point-in time data

Alerting based on vulnerability results

Allows the user to filter results based on when the vulnerability was mitigated

Current vulnerabilities, including those recast, accepted or mitigated

On Windows hosts, the following is NOT a requirement for credentialed scans:

The authentication method must be set to classic

WMI service must be running and either set to a static port, or all ports must be opened between the Nessus scanner and the target host

All of these are required

The remote registry service must be disabled

File and print sharing must be enabled

Which of the following can be used for credentialed scans in SecurityCenter?

Encrypted username and password

All of these

Clear text username and password

RSA/DSA key pairs

Before performing scan analysis, the following is required:

Credentialed scans of all target systems

Active scan data and access to the repository containing the data

Passive AND Active scan data, as well as access to the repository containing the data

Queries created based upon the data you wish to analyze

After configuring vulnerability or event filters as desired, you can save your result as a:

Filtered Results List

Query

None of these

Saved Vulnerability List

Analyzing cumulative data is useful:

To view vulnerabilities that have been remediated

To extract point-in-time information with a narrow focus

To view trending information

To understand the full exposure of the network

ARCs can assist in checking for compliance with which of the following?

Internal policies

Business objectives

All of these

Industry/Government compliance requirements

Configuration recommendations that are typical for a secure baseline configuration from which to gauge compliance include all of the following except:

Listening service configuration

Sensitive data

Age of system hardware

Password complexity

System logging

The components required for each scan within SecurityCenter are:

Name, scan zone, repository, credentials, and targets

Schedule, asset, targets, and a post-scan report

Name, scan policy, scan zone, repository, and targets

Credentials, audit checks, repository, scan zone, and targets

Which of these is a valid scan target definition?

10.0.0.1-10.0.10.100

10.0.0.0/16

10.0.0.1,10.0.0.3

All of these

Why would you NOT want to store credentialed and non-credentialed data in the same repository?

Exporting the data will take too long

Mitigation information may be inaccurate

You can’t report on the data

If exported, you can’t import the data

When scanning a database, Tenable recommends that you:

Scan any other applications running on the database server

All of these

Scan the database software

Scan the operating system of the database server

When evaluating compliance scan results, you should want to focus on:

Compliant systems

Deviant systems

All of these

Offline systems

Vulnerabilities can be analyzed either as:

Mitigated or Resolved

Cumulative or Mitigated

Active or Transient

Active or Completed

Regarding ARCs in SecurityCenter, what does “CCC” stand for?

Cyber Common Controls

Common Cyber Controls

Critical Cyber Controls

Cyber Critical Controls

The types of repositories are:

Local, Remote, and Custom

IPv4, IPv6, Mobile, External, and Offline

Local, Cloud, and Offline

Compliance, Vulnerability, and Network

Scan policies can be created from:

Pre-configured template

Customized new template based on internal policies

All of these

Existing template

Compliance results use Info, High, and Medium severities to indicate:

Warning, Fail, and Contact Support

Fail, Pass, and Unable to complete the check

Pass, Fail, and More Information Required

Pass, Fail, and Unable to complete the check

Which of the following is true about a scan in SecurityCenter?

It must contain a scan policy

All of these

It can be restricted to specific targets

It can be scheduled to run

Why is it advisable to assign scanners to scan zones based on network topology?

It is not advisable since SecurityCenter will assign scanners on the fly

To avoid scanning offline systems

To avoid issues created by scanning through firewalls

To allow SecurityCenter to accurately update plugins on remote scanners

When on the ‘Add Active Scan’ page, if “Automatic Distribution Only” is set for the Organization’s scanning distribution method by the admin, the scanner used will be:

SecurityCenter picks the first available scanner, regardless where it is located in relation to the targets

None of these

SecurityCenter uses all available scanners and distributes the load

SecurityCenter picks the best available scanner in the target's scan zone

SecurityCenter uses the scanner set as “default” during the initial configuration

Which analysis tool would you use to view detected web servers?

List Web Servers

List SSH Servers

Protocol Summary

None of these

If you were looking for specific hosts, which set of filters would be useful?

Workflow Filters

Plugin Filters

Date Filters

Target Filters

The first step to achieving compliance is:

Establishing a recommended and secure baseline host configuration

Conducting a full-scope PCI audit

Launching a credentialed patch audit

Hiring a third-party auditor

When using a policy template to create a policy, it is recommended to leave the default settings selected for all of the following reasons except:

Only plugins which are applicable to the target are executed

Pre-built policies are tailored by Tenable to meet most needs

These policies require minimal effort to configure

Conducting web application scans

Dynamic Asset Lists can be created from templates which:

Create scan policies based on asset lists

Export Asset Lists to a compatible asset tracking suite

None of these

Provide fast creation of commonly used Asset Lists

Nessus is an active scanner that connects to hosts in your network and identifies:

Vulnerabilities

Applications

Hosts

Services

All of these

If you are performing network and credentialed scans against the same targets, you should ___________ to ensure accurate mitigation data.

Create separate repositories to store each type of scan data

Configure SecurityCenter to discard all network scan data

Scan them using different user accounts

Create a separate organization

Running a report consists of all of these steps except:

Defining the report type and style

Which of the following is NOT true about credentials in SecurityCenter?

Creating a query

Viewing the report results

Running the report to collect the data

Compliance standards come from:

Government or legal standards

Internal policies

Security organizations

Best practice recommendations from software vendors

All of these

To display only vulnerabilities that have an exploit available, you would perform which action?

Set the Exploit Available filter to ‘Yes’

Set the CVSS Score filter to ‘9.5-10.0’

Set the Vulnerability Text filter to 'Exploitable'

Which is not an available filter category in SecurityCenter?

Date Filters

ID Filters

Workflow Filters

Systems Compromised

Vulnerability Filters

Target Filters

Which of the following scans require credentials in SecurityCenter?

Running process auditing

Anti-Virus Agent auditing

All of these

Botnet detection

SA 1.b.ii.2.

The ‘Vulnerability Summary’ analysis tool shows:

A summary of vulnerabilities by host

A list of systems which exist in your environment, as well as their vulnerabilities

The number of hosts impacted by a given vulnerability

The number of assets impacted by a given vulnerability

What is an Asset List in SecurityCenter?

None of these

A list of IP-addressable devices

A list of Tenable products

A list of Users in an Organization

Which of the following is not an available scan policy template provided by Tenable?

Web Application Tests

Host Discovery

Policy Compliance Audit

SSH Scan

Homework is Completed By:

Writer Writer Name Amount Client Comments & Rating
Instant Homework Helper

ONLINE

Instant Homework Helper

$36

She helped me in last minute in a very reasonable price. She is a lifesaver, I got A+ grade in my homework, I will surely hire her again for my next assignments, Thumbs Up!

Order & Get This Solution Within 3 Hours in $25/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 3 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

Order & Get This Solution Within 6 Hours in $20/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 6 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

Order & Get This Solution Within 12 Hours in $15/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 12 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

6 writers have sent their proposals to do this homework:

Financial Assignments
Financial Hub
Quick Finance Master
Assignment Hut
Accounting & Finance Master
Maths Master
Writer Writer Name Offer Chat
Financial Assignments

ONLINE

Financial Assignments

You can award me any time as I am ready to start your project curiously. Waiting for your positive response. Thank you!

$37 Chat With Writer
Financial Hub

ONLINE

Financial Hub

I will cover all the points which you have mentioned in your project details.

$42 Chat With Writer
Quick Finance Master

ONLINE

Quick Finance Master

Hello, I an ranked top 10 freelancers in academic and contents writing. I can write and updated your personal statement with great quality and free of plagiarism

$42 Chat With Writer
Assignment Hut

ONLINE

Assignment Hut

I am known as Unrivaled Quality, Written to Standard, providing Plagiarism-free woork, and Always on Time

$33 Chat With Writer
Accounting & Finance Master

ONLINE

Accounting & Finance Master

I am known as Unrivaled Quality, Written to Standard, providing Plagiarism-free woork, and Always on Time

$31 Chat With Writer
Maths Master

ONLINE

Maths Master

I am known as Unrivaled Quality, Written to Standard, providing Plagiarism-free woork, and Always on Time

$20 Chat With Writer

Let our expert academic writers to help you in achieving a+ grades in your homework, assignment, quiz or exam.

Similar Homework Questions

Exodus 20 verse 4 - As fast as simile - The transactions of spade company appear below - Male dominance in a midsummer night's dream - Spodee opponent - Unitary executive theory john yoo - What is myth in semiotics - Catholic earthcare australia mission - Tom and jerry tennis chumps vimeo - Review the corresponding data set and use it to answer questions and complete an exploratory data analysis. You will use R and Excel to complete the assignment. - Integrated marketing mix tutor2u - 3.5 Nonprofit Fundraising Case Study: Part I - In the prince, machiavelli advises rulers to - Ppt- shareholder - Louis pasteur bbc bitesize - Data classification schemes should categorize information assets based on which of the following? - Upside down t math - Greenfield Investments - The wilkins family reading 1974 - Routing and switching essentials 6.0 - skills assessment - Strategic management of technological innovation pdf schilling - Mkt 571 week 1 individual assignment - What is timodine cream used for - Is target's store brand strategy working explain - Zurich sports watch s 481g - Separating salt from water - Meadow view farm school - Nexus nx2 wind transducer - What are codes and conventions - The perils and promises of praise - Craig weatherup net worth - Zao shang hao response - Library management system slideshare - Hard drawn copper properties - Care Plan/ Plan of Care - Case 1-540 - One size fits none sparknotes - 18b smarts crescent burraneer - Possible conflict management and negotiation techniques - Wk3/dis/reply/wm - Mass media ethics case studies - Unidare storage heater asbestos - Setu bandha sarvangasana sanskrit - 7 1 1 multimedia presentation planning worksheet assignment - N channel depletion mode mosfet - Medicare levy variation declaration - Unexpired insurance at october 31 $600 - Preschool prep series dvds - Disc - Literary and cultural theory from basic principles to advanced applications - Bac evaporative condenser catalogue - Discussion: Analyses of Social Problems in Case Studies-wk3-6361 - As nzs 3666.2 2011 - Angus young string gauge - Texas textbook evaluation tool - Westmorland general hospital appointments - Iceman murder mystery worksheet answers - Math - Project part 3 - Frs 8 related party disclosures - Cultural artifact paper - Royal academy of engineering code of ethics - Is it disrespectful to wear an american flag bandana - What is the relationship between a theory and a hypothesis - Milton keynes 300 bus - Streak on the starch agar plates - Inclusions and Exclusions of Gross Income - Equilibrium assignment answers - Caen community primary school - Reply 2 635 - Case studies - Nursing career development plan sample - Bada bing bail bonds brownsville tx - Butterfly meaning in chinese culture - E3 spark plug heat range chart - Finn kelly wealth enhancers - Entrepreneurial process of creating a new venture - Quality of nursing care theory by june larrabee - Impact of Mobile computing on Businesses - Core concepts 5.4 word wise - MKT 630 IP3 - Please watch the following video and comment. - Change management simulation power and influence scenario 1 - Gantt chart for wedding planning - Cisco wsa demo license download - Journal for Internship Course - Ethics in criminal justice - University college of jubail jobs - Theme from the giver - Vasco rossi band members - Assignment: Academic Success and Professional Development Plan Part 3: Strategies to Promote Academic Integrity and Professional Ethics - Mass percent of nahco3 in an alka seltzer tablet - What is the heinz dilemma - Comprehension check chapters 1 3 the great gatsby - Nursing care hours per patient day calculator - St andrew's hospital billericay blood tests - How to build a half wave rectifier - Live feature on pof - Khp and naoh titration lab report - Vehicular communications