Q. What software component is responsible for enforcing the separation of guest systems in a virtualized infrastructure?

View solution

Q. Which one of the following conditions would not result in a certificate warning during a vulnerability scan of a web server?

View solution

Q. Betty is selecting a transport encryption protocol for use in a new public website she is creating. Which protocol would be the best choice?

View solution

Q. Which one of the following protocols should never be used on a public network?

View solution

Q. The Dirty COW attack is an example of what type of vulnerability?

View solution

Q. In what type of attack does the attacker place more information in a memory location than is allocated for that use?

View solution

Q. Which one of the following operating systems should be avoided on production networks?

View solution

Q. Which one of the following is not a common source of information that may be correlated with vulnerability scan results?

View solution

Q. Tara recently analyzed the results of a vulnerability scan report and found that a vulnerability reported by the scanner did not exist because the system was actually patched as specified. What type of error occurred?

View solution

Q. Kevin recently identified a new security vulnerability and computed its CVSS base score as 6.5. Which risk category would this vulnerability fall into?

View solution

Q. Which one of the following metrics is not included in the calculation of the CVSS exploitability score?

View solution

Q. What is the most recent version of CVSS that is currently available?

View solution

Q. Which one of the following values for the confidentiality, integrity, or availability CVSS metric would indicate the potential for total compromise of a system?

View solution

Q. Which one of the following values for the CVSS attack complexity metric would indicate that the specified attack is simplest to exploit?

View solution

Q. Which one of the CVSS metrics would contain information about the type of user account an attacker must use to execute an attack?

View solution

Q. Tom is reviewing a vulnerability scan report and finds that one of the servers on his network suffers from an internal IP address disclosure vulnerability. What protocol is likely in use on this network that resulted in this vulnerability?

View solution

Q. What is a suggested solution often provided in vulnerability scan reports?

View solution

Q. What does the CVSS base score consider regarding the impact of a vulnerability?

View solution

Q. What should administrators do to protect against virtual machine escape attacks in virtualized infrastructure?

View solution

Q. What causes vulnerabilities in SSL and TLS encryption?

View solution