Mbsa - Study guides, Class notes & Summaries

CYBR1100 Spring 2018 Ch 11 Quiz What are the six Ps of security? - Answer-Ports, patch, protect, probe, policies, physical How might you ensure that system patches are kept up to date? - Answer-Use an automated patching system. Which of the following is a good reason to check dependencies before shutting down a service? - Answer-To determine whether shutting down this service will affect other services Which of the following is a common way to establish security between a web server an...

CySA+ Practice Tests: Ch. 1 Domain 1: Threat Management 1-20 correct answers 20221. Charles wants to use active discovery techniques as part of his reconnaissance efforts. Which of the following techniques fits his criteria? A. Google searching B. Using a Shodan search C. Using DNS reverse lookup D. Querying a PGP key server C. DNS reverse lookup is an active technique. Google and Shodan are both search engines, while a PGP key server does not interact with the target site and is considered...

TESTOUT Security Pro Q &A VERIFIED Which of the following functions can a port scanner provide? -Determining which ports are open on a firewall -Discovering unadvertised servers Which of the following is the type of port scan that does not complete the full three-way TCP handshake, but rather listens only for either SYN/ACK or RST/ACK packets? You want to make sure that a set of servers will only accept traffic for specific network services. You have verified that the servers are only ...

CySA+ Tools Questions and Answers Already Passed SIEM utilities that receive information from log files of critical systems and centralize the collection and analysis of this data. ArcSight SIEM Example Offers multiple models Can generate compliance reports for HIPAA, SOX and PCI-DSS QRadar SIEM Example helps eliminate noise by applying advanced analytics to chain multiple incidents together and identify security offenses requiring action. Splunk SIEM Example Uses machine-driven data imported...

CompTIA CySA+ Questions and Answers 100% Correct What is SIEM? Security information and event management; centralized management of information and events regarding the devices on a network, including logs and other security-related documentation. What is SCAP? Security Content Automation Protocol (SCAP) allows an organization to use automated vulnerability management and security policy compliance metrics. What is Splunk? SIEM system What is Snort? IDS/IPS What is AlienVault? SIEM system W...

PILAR correct answer: Risk analysis and Management tool Pilar correct answer: Assess risk against critical assets. Qualitative and quantitative. Generate risk assessment reports Group Policy Management console correct answer: Security policy Tools Manageengine ... plus correct answer: Ticketing system Tools Alien vault correct answer: Ticketing system Tools Busk-security correct answer: Incident analysis and validation Tools Busk-security correct answer: Collection of se...

Lab Assessment Questions 1. Why is it important to run the MBSA? According to Microsoft (n.d.), the Microsoft Baseline Security Analyzer provides a streamlined method to identify missing security updates and common security misconfigurations. It is important to run MBSA to ensure your system is up to date and secure. 2. What does an MBSA analysis look for? MBSA analysis tries to find missing security updates and less secured system settings (configurations) within Microsoft...

PILAR CORRECT ANSWER Risk analysis and Management tool Pilar CORRECT ANSWER Assess risk against critical assets. Qualitative and quantitative. Generate risk assessment reports Group Policy Management console CORRECT ANSWER Security Policy Tools Manage engine ... plus CORRECT ANSWER Ticketing System Tools Alien vault CORRECT ANSWER Ticketing System Tools Busk-security CORRECT ANSWER Incident analysis and validation Tools Busk-security CORRECT ANSWER Collection of security checks...

incident handling response steps correct answer: 1. Preparation 2. Incident Recording 3. Incident Triage 4. Notification 5. Containment 6. Evidence Gathering and Forensic Analysis 7. Eradication 8. Recovery 9. Post-Incident Activities- Incident Documentation- Incident Impact Assessment- Review and Revise Policies- Close the Investigation- Incident Disclosure Risk Assessment Management tools correct answer: PILAR - It helps incident handlers to assess risks against critical asse...