Determining Relative Value of Assets Quiz

Questions and Answers

What is the purpose of a vulnerability appraisal?

• To determine the source and destination IP addresses
• To simulate a malicious attack on a computer system
• To identify the different port states on a system
• To find security weaknesses that expose assets to threats (correct)

How are vulnerabilities often determined according to the text?

• By using dictionary attacks
• By simulating a malicious attack
• Depends on the background and experience of the assessor (correct)
• By sending probes to ports on a target system

What are the two categories of tools used for identifying vulnerabilities?

• Firewalls and antivirus software
• Protocol analyzers and password crackers
• Penetration testing and vulnerability scanning (correct)
• Port scanners and network mappers

What is the primary form of address identification on a TCP/IP network?

IP addresses (C)

Which tool is typically used by an organization to identify weaknesses in the system?

Port scanners (C)

What do TCP/IP ports use as an identifier to applications and services on systems?

Numeric values (D)

What is the main objective of penetration testing?

Evaluating the security of a computer system or network (A)

What do vulnerability scanners help network administrators find?

Weaknesses in the system that need addressing (D)

What do penetration testing and vulnerability scanning have in common?

Both aim to evaluate the security of a system or network (D)

What is the purpose of a port scanner?

To send probes to interesting ports on a target system (A)

Flashcards are hidden until you start studying