<< Prev Question Next Question >>

Question 40/64

A security analyst performs various types of vulnerability scans. Review the vulnerability scan results to determine the type of scan that was executed and if a false positive occurred for each device.
Instructions:
Select the Results Generated drop-down option to determine if the results were generated from a credentialed scan, non-credentialed scan, or a compliance scan.
For ONLY the credentialed and non-credentialed scans, evaluate the results for false positives and check the findings that display false positives. NOTE: If you would like to uncheck an option that is currently selected, click on the option a second time.
Lastly, based on the vulnerability scan results, identify the type of Server by dragging the Server to the results.
The Linux Web Server, File-Print Server and Directory Server are draggable.
If at any time you would like to bring back the initial state of the simulation, please select the Reset All button. When you have completed the simulation, please select the Done button to submit. Once the simulation is submitted, please select the Next button to continue.

LEAVE A REPLY

Your email address will not be published. Required fields are marked *

Question List (64q)
Question 1: Which of the following is the best metric for an organizatio...
Question 2: A security analyst is reviewing the findings of the latest v...
Question 3: Which of the following phases of the Cyber Kill Chain involv...
Question 4: An analyst finds that an IP address outside of the company n...
Question 5: An employee accessed a website that caused a device to becom...
Question 6: An organization has activated the CSIRT. A security analyst ...
Question 7: A cloud team received an alert that unauthorized resources w...
Question 8: Which of the following would a security analyst most likely ...
Question 9: The developers recently deployed new code to three web serve...
Question 10: An organization recently changed its BC and DR plans. Which ...
Question 11: A company's user accounts have been compromised. Users are a...
Question 12: The vulnerability analyst reviews threat intelligence regard...
Question 13: While reviewing web server logs, an analyst notices several ...
Question 14: An incident response team finished responding to a significa...
Question 15: After completing a review of network activity. the threat hu...
Question 16: An incident response team is working with law enforcement to...
Question 17: An analyst notices there is an internal device sending HTTPS...
Question 18: A company is in the process of implementing a vulnerability ...
Question 19: Which of the following security operations tasks are ideal f...
Question 20: The Chief Executive Officer of an organization recently hear...
Question 21: An organization enabled a SIEM rule to send an alert to a se...
Question 22: After a security assessment was done by a third-party consul...
Question 23: A company's security team is updating a section of the repor...
Question 24: A cybersecurity team has witnessed numerous vulnerability ev...
Question 25: An analyst is reviewing a vulnerability report for a server ...
Question 26: The security team reviews a web server for XSS and runs the ...
Question 27: A systems analyst is limiting user access to system configur...
Question 28: An older CVE with a vulnerability score of 7.1 was elevated ...
Question 29: A security alert was triggered when an end user tried to acc...
Question 30: A security analyst is trying to identify anomalies on the ne...
Question 31: An analyst has been asked to validate the potential risk of ...
Question 32: Which of the following concepts is using an API to insert bu...
Question 33: Which of the following would help an analyst to quickly find...
Question 34: An analyst is reviewing a vulnerability report and must make...
Question 35: A vulnerability management team is unable to patch all vulne...
Question 36: Which of the following is the best way to begin preparation ...
Question 37: There are several reports of sensitive information being dis...
Question 38: Which of the following best describes the document that defi...
Question 39: An end-of-life date was announced for a widely used OS. A bu...
Question 40: A security analyst performs various types of vulnerability s...
Question 41: You are a penetration tester who is reviewing the system har...
Question 42: After conducting a cybersecurity risk assessment for a new s...
Question 43: A security analyst is trying to detect connections to a susp...
Question 44: A Chief Information Security Officer (CISO) is concerned tha...
Question 45: Due to reports of unauthorized activity that was occurring o...
Question 46: A security analyst receives an alert for suspicious activity...
Question 47: A recent zero-day vulnerability is being actively exploited,...
Question 48: A cybersecurity analyst is reviewing SIEM logs and observes ...
Question 49: New employees in an organization have been consistently plug...
Question 50: A recent penetration test discovered that several employees ...
Question 51: A security analyst is validating a particular finding that w...
Question 52: Which of the following describes a contract that is used to ...
Question 53: During a cybersecurity incident, one of the web servers at t...
Question 54: A security analyst at a company called ACME Commercial notic...
Question 55: A Chief Information Security Officer wants to map all the at...
Question 56: A security analyst needs to ensure that systems across the o...
Question 57: An analyst is remediating items associated with a recent inc...
Question 58: The security operations team is required to consolidate seve...
Question 59: During an incident, an analyst needs to acquire evidence for...
Question 60: A security analyst discovers an LFI vulnerability that can b...
Question 61: A security analyst detects an exploit attempt containing the...
Question 62: After identifying a threat, a company has decided to impleme...
Question 63: Which of the following risk management principles is accompl...
Question 64: A security analyst is reviewing a packet capture in Wireshar...