1. A baseline is the initial settings in a newly installed system.
True
False
2. A baseline, also called a ________, is a collection of settings at a specific point in time.
3. Which Microsoft tool analyzes a computer’s settings and compares its configuration with a baseline?
SCA
MBSA
OpenVAS
SCT
4. Stored settings that make up a baseline are stored in which type of files?
Baseline configuration
Baseline database
Security template
Security object
5. The Security Configuration and Analysis tool operates as a snap-in to the ________.
6. Which command-line tool provides the same scanning capability as SCA?
Secedit
Mbsacli
Scacli
Mbsaedit
7. Which of the following products does MBSA not analyze?
IIS
SQL Server
Adobe Acrobat
Windows 7
8. MBSA automatically ranks vulnerabilities by severity.
True
False
9. Which command-line tool provides the same scanning capability as MBSA?
Secedit
Mbsacli
Scacli
Mbsaedit
10. Which security scanner commonly runs as a Linux virtual machine?
SCA
OpenVAS
Retina
MBSA
11. Which vulnerability scanner discussed in this chapter makes its source code available?
Retina
nexpose
Nessus
OpenVAS
12. Which security scanner runs in a web browser and doesn’t require that you install a product before scanning?
MBSA
OpenVAS
SCT
PSI
13. Which of the following statements best describe the relationship between profiling and auditing?
Auditing is often a part of profiling.
Profiling is often a part of auditing.
Profiling and auditing are interchangeable terms.
If auditing is in place, profiling is not necessary.
14. When designing an audit strategy, you should log access attempts on the ________ number of objects.
15. What is the main purpose of an audit?
To uncover problems
To catch errors
To validate compliance
To standardize configurations
18.119.142.232