4_3_1 Section 4 – Operations and Incident Response - 4.3 – Investigations- Vulnerability Scan Output

What is the primary purpose of a vulnerability scanner?

To identify potential vulnerabilities before an attacker can exploit them (correct)
To scan devices for malware
To monitor network traffic
To patch vulnerabilities automatically

What does a vulnerability scanner look for when scanning a device?

Signatures of known malware
Signatures of known vulnerabilities (correct)
Weak passwords on the device
Open ports on the device

Where can you find information on known vulnerabilities and how to resolve them?

National Vulnerability Database only
Google search
Both National Vulnerability Database and Microsoft Security Bulletins (correct)
Microsoft Security Bulletins only

What may a vulnerability scanner indicate about a potential vulnerability?

It may provide an obvious indication of a vulnerability, or a suggestion that a vulnerability may be present (C) Signup and view all the answers

What can a vulnerability scan reveal about a device?

A lack of security controls, among other things (A) Signup and view all the answers

What may be required to confirm a potential vulnerability indicated by a vulnerability scanner?

Manual research and connection to the device (D) Signup and view all the answers

What is a potential consequence of not having the latest signatures for your scanner?

Undetected vulnerabilities in the system (C) Signup and view all the answers

What can cause false positives and false negatives in a vulnerability scanner?

Network configurations or system settings (D) Signup and view all the answers

Why is it important to work with your vulnerability scanner manufacturer?

To configure the scanner correctly for your system (C) Signup and view all the answers

What is the purpose of updating scanner signatures?

To provide the most accurate set of signatures (C) Signup and view all the answers

What is a potential outcome of a false negative in a vulnerability scanner?

The system is vulnerable to unknown attacks (D) Signup and view all the answers

What is one of the things that a vulnerability scan can identify?

An open network share that does not require authentication (C) Signup and view all the answers

Why is it important to update the database in a vulnerability scanner?

To identify new vulnerabilities as they are discovered (C) Signup and view all the answers

What is a critical vulnerability found in the scan?

Unix operating system unsupported version detection (D) Signup and view all the answers

What is a false positive in a vulnerability scan report?

A problem that doesn't exist at all, but was miscategorized as a vulnerability (D) Signup and view all the answers

What is the concern with a false negative in a vulnerability scan?

It may not be identified by the scanner (C) Signup and view all the answers

What is the purpose of a vulnerability scan?

To inform us of problems with the system, such as lack of antivirus software (C) Signup and view all the answers

What is an example of a medium category vulnerability found in the scan?

A system with an unencrypted telnet server (D) Signup and view all the answers

What does a vulnerability scan report provide?

A list of all vulnerabilities found on the system, categorized by severity (D) Signup and view all the answers

What is an example of informational vulnerabilities found in the scan?

A large number of informational vulnerabilities on the system (A) Signup and view all the answers

What is the significance of a system running an unsupported version of Ubuntu?

It is a critical vulnerability (D) Signup and view all the answers