Questions

  1. Which of the following commands would you use to search through the .rules files for active Snort rules?
    A. grep -w 'alert' *.rules
    B. grep -i 'alert' *.rules
    C. grep '^alert$' *.rules
    D. grep 'alert' *.rules
  2. Which of the following best describes IPFire?
    A. A host-based firewall appliance with a built-in Network Intrusion Detection System
    B. An edge firewall appliance with a built-in Network Intrusion Detection System
  3. Which of the following utilities is best for scanning Sarbanes-Oxley compliance issues?
    A. Lynis
    B. Lynis Enterprise
    C. OpenVAS
    D. OpenSCAP
  4. What would you need in order to obtain a set of the official Snort detection rules?
    A. An Oinkcode.
    B. Nothing. The official Snort rules come already installed.
    C. Just use the sudo snort --update command.
    D. The official Snort rules can only be obtained via a paid subscription.
  5. Which of the following best represents what Snort is?
    A. HIDS
    B. GIDS
    C. NIDS
    D. FIDS
  6. Which of the following would you use as a general-purpose, external vulnerability scanner?
    A. OpenVAS
    B. Nikto
    C. OpenSCAP
    D. Lynis
  7. Which of these problems would you be most likely to find with a Nikto scan?
    A. That the Samba service is running, although it shouldn't be
    B. That the root user account is exposed to the internet via SSH
    C. That potentially malicious scripts reside in a CGI directory
    D. That the root user account is configured with a weak password
  8. What is a unique characteristic of Lynis?
    A. It's a proprietary, closed-source vulnerability scanner.
    B. It's a shell script that can be used to scan any Linux, Unix, or Unix-like operating system for vulnerabilities.
    C. It's an external vulnerability scanner.
    D. It can only be installed on a specialty security distro, such as Kali Linux.
  9. Which of these problems would you most likely find with Snort?
    A. A root user account with a weak password
    B. Servers without active firewalls
    C. Cryptocoin mining malware active on the network
    D. Root user accounts exposed to the internet via SSH
  10. Which of these statements is true regarding Security Onion?
    A. The control and sensor functions both work with the same network interface.
    B. The control network interface is set up without an IP address.
    C. The sensor network interface is set up without an IP address.
    D. The control and the sensor interfaces both require an IP address.
  11. What is the name of the default type of scan that you'll do with OpenVAS?
    A. Fast and Furious
    B. Full Scan
    C. Full and Fast Ultimate
    D. Full and Fast
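The grep question at the top of this list is one you can settle empirically rather than by memory. The script below is an added example, not part of the book's quiz or its answer key: it writes a constructed Snort rules file into a temporary directory (a stand-in for a real rules directory such as /etc/snort/rules; the rule bodies are placeholders, not real signatures) and counts how many lines each of the four patterns from the question returns, alongside a pattern anchored to the start of the line. Snort ignores lines that begin with #, which is the usual way a rule is disabled, so a pattern that cannot tell `alert` from `# alert` or `#alert` is counting more than the active rules.

```shell
#!/bin/sh
# Added example, not from the book: compare the grep patterns from question 1
# against a constructed Snort rules file. The temp directory stands in for a
# rules directory such as /etc/snort/rules; the rule bodies are placeholders.
set -e

RULES_DIR="$(mktemp -d)"
trap 'rm -rf "$RULES_DIR"' EXIT

# Constructed sample file. Snort skips lines starting with '#', which is how
# rules are normally disabled, so only the first rule below is active.
cat > "$RULES_DIR/local.rules" <<'EOF'
# Constructed sample; the rule bodies are placeholders, not real signatures.
alert tcp any any -> $HOME_NET 22 (msg:"SSH connection attempt"; sid:1000001; rev:1;)
# alert tcp any any -> $HOME_NET 23 (msg:"Telnet rule, disabled"; sid:1000002; rev:1;)
#alert udp any any -> $HOME_NET 53 (msg:"DNS rule, disabled"; sid:1000003; rev:1;)
log tcp any any -> $HOME_NET 80 (msg:"HTTP traffic is logged, not alerted"; sid:1000004; rev:1;)
ALERT tcp any any -> $HOME_NET 25 (msg:"Uppercase action, constructed to show -i"; sid:1000005; rev:1;)
# Note that the word alert also appears in ordinary comments like this one.
EOF

# count_matches GREP_ARGS... : number of lines across all .rules files that match.
# grep exits 1 when nothing matches, but the pipeline's status comes from wc,
# so 'set -e' does not abort and an empty result correctly counts as 0.
count_matches() {
    grep -h "$@" "$RULES_DIR"/*.rules | wc -l | tr -d ' '
}

# active_rules: print only rules whose action keyword starts the line,
# which excludes commented-out rules and comments that mention "alert".
active_rules() {
    grep -h '^alert' "$RULES_DIR"/*.rules
}

printf '%-18s %s\n' "pattern" "lines"
printf '%-18s %s\n' "-w 'alert'"  "$(count_matches -w 'alert')"   # 4: '#' is not a word character, so commented-out rules still match
printf '%-18s %s\n' "-i 'alert'"  "$(count_matches -i 'alert')"   # 6: additionally matches "alerted" and "ALERT"
printf '%-18s %s\n' "'^alert\$'"  "$(count_matches '^alert$')"    # 0: only a line consisting solely of "alert" would match
printf '%-18s %s\n' "'alert'"     "$(count_matches 'alert')"      # 5: substring match, including the comment lines
printf '%-18s %s\n' "'^alert'"    "$(count_matches '^alert')"     # 1: the one rule Snort will actually load
active_rules
```

Running this on a real rules directory is a useful sanity check before trusting a rule count: compare the number from an anchored pattern with the number from an unanchored one, and the difference is how many disabled rules and comments the looser pattern was counting.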