Log in
Computer Science
1
answer
2
watching
169
views

An analyst executes a vulnerability scan against an internet-facing DNS server and receives the following report: -Vulnerabilities in Kernel-Mode Driver Could Allow Elevation of Privilege -SSL Medium Strength Cipher Suites Supported -Vulnerability in DNS Resolution Could Allow Remote Code Execution -SMB Host SIDs allows Local User Enumeration

Which of the following tools should the analyst use FIRST to validate the most critical vulnerability?
A. Password cracker
B. Port scanner
C. Account enumerator
D. Exploitation framework

Watch
1
answer
2
watching
169
views

For unlimited access to Homework Help, a Homework+ subscription is required.

Avatar image
Read by 1 person

Unlock all answers

Get 1 free homework help answer.
Already have an account? Log in
Share

Related questions

A vulnerability analyst identified a zero-day vulnerability in a company's internally developed software. Since the current vulnerability management system does not have any checks for this vulnerability, an engineer has been asked to create one.

Which of the following would be BEST suited to meet these requirements?

A. ARF

B. ISACs

C. Node.js

D. OVAL

someone is saying C and other is saying D : 

A vulnerability analyst identified a zero-day vulnerability in a company's internally developed software. Since the current vulnerability management system does not have any checks for this vulnerability, an engineer has been asked to create one.

Which of the following would be BEST suited to meet these requirements?

A. ARF

B. ISACs

C. Node.js

D. OVAL

NEED URGENT support

A high-severity vulnerability was found on a web application and introduced to the enterprise. The vulnerability could allow an unauthorized user to utilize an open-source library to view privileged user information. The enterprise is unwilling to accept the risk, but the developers cannot fix the issue right away.

Which of the following should be implemented to reduce the risk to an acceptable level until the issue can be fixed?

Options:

A Scan the code with a static code analyzer, change privileged user passwords, and provide security training.
B Change privileged usernames, review the OS logs, and deploy hardware tokens.
C Implement MFA, review the application logs, and deploy a WAF.
D Deploy a VPN, configure an official open-source library repository, and perform a full application review for vulnerabilities.

 

Related Documents

CSCI 4531 Lecture Notes - Lecture 10: Morris Worm, Browser Helper Object, Malware
yellowhorse239

Weekly leaderboard

Home
Homework Help 3,900,000
Computer Science 2,000
Start filling in the gaps now
Log in