Comptia Pentest+ 2023 Questions and answer - Part 54
1. Choose any two of the following statements which are described as a discovery scan in Nmap.(Select 2answers)
A) It scans all 65,000+ possible network ports
B) It identifies software and versions running on open ports
C) It performs a simple ping test to determine if a host is up and alive on the network
D) It is an active scanning technique
2. What type of scan is the most helpful when Security Content Automation Protocol (SCAP) aware scanners, such as Tenable-s Nessus, test the execution of best-practice security configuration baselines from the Center for Internet Security (CIS)?
A) Stealth Scan
B) Compliance Scan
C) Discovery Scan
D) Full Scan
3. Select the general term that encompasses numerous types of control systems and equipment used for industrial process control.
A) SCADA
B) ICS
C) POS
D) None of the above
4. Following are the examples of a non-traditional asset, except ____________.
A) Linux Servers
B) IoT Devices
C) Real-time Operating Systems (RTOSs)
D) SCADA Networks
5. Following are issues to consider when performing a vulnerability scan, except ____________.
A) Bandwidth limitations
B) Services and protocols known to be in use in the environment
C) The public reputation of the developers of the software or operating system being tested
D) Overall topology of the network in question
A) It scans all 65,000+ possible network ports
B) It identifies software and versions running on open ports
C) It performs a simple ping test to determine if a host is up and alive on the network
D) It is an active scanning technique
2. What type of scan is the most helpful when Security Content Automation Protocol (SCAP) aware scanners, such as Tenable-s Nessus, test the execution of best-practice security configuration baselines from the Center for Internet Security (CIS)?
A) Stealth Scan
B) Compliance Scan
C) Discovery Scan
D) Full Scan
3. Select the general term that encompasses numerous types of control systems and equipment used for industrial process control.
A) SCADA
B) ICS
C) POS
D) None of the above
4. Following are the examples of a non-traditional asset, except ____________.
A) Linux Servers
B) IoT Devices
C) Real-time Operating Systems (RTOSs)
D) SCADA Networks
5. Following are issues to consider when performing a vulnerability scan, except ____________.
A) Bandwidth limitations
B) Services and protocols known to be in use in the environment
C) The public reputation of the developers of the software or operating system being tested
D) Overall topology of the network in question
1. Right Answer: C,D
Explanation:
2. Right Answer: B
Explanation: A stealth scan in Nmap is denoted by the -sS flag and leverages the use of SYN and RST packets when probing ports. If a server responds with a SYN/ACK packet to continue a three-way TCP handshake, Nmap trashes the connection by sending an RST packet; this often prevents scans from showing up in server logs.
3. Right Answer: B
Explanation: The baselines established by SCAP and embedded in scanners such as Nessus are most helpful during a compliance scan.
4. Right Answer: A
Explanation: The Industrial Control System (ICS) is a general term that encompasses numerous type of control systems and equipment used for industrial process control.
5. Right Answer: C
Explanation: Linux servers are common computer hardware, and as such are considered a rather traditional sort of information system asset.
Explanation:
2. Right Answer: B
Explanation: A stealth scan in Nmap is denoted by the -sS flag and leverages the use of SYN and RST packets when probing ports. If a server responds with a SYN/ACK packet to continue a three-way TCP handshake, Nmap trashes the connection by sending an RST packet; this often prevents scans from showing up in server logs.
3. Right Answer: B
Explanation: The baselines established by SCAP and embedded in scanners such as Nessus are most helpful during a compliance scan.
4. Right Answer: A
Explanation: The Industrial Control System (ICS) is a general term that encompasses numerous type of control systems and equipment used for industrial process control.
5. Right Answer: C
Explanation: Linux servers are common computer hardware, and as such are considered a rather traditional sort of information system asset.
Comments
0
CA Foundation Business Economics Questions 2023 - Part 32
03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 31
03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 30
03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 29
03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 28
03 Mar 2023
