Cyber Threat Management: Endpoint Vulnerability Assessment Quiz Answer

In this article i am gone to share Cyber Threat Management: 4.4.2 Endpoint Vulnerability Quiz Answer with you..

Go to this Course

https://skillsforall.com/course/cyber-threat-management

4.4.2 Endpoint Vulnerability Quiz

Question 1)

In profiling a server, what defines what an application is allowed to do or run on a server?

user accounts
listening ports
service accounts
software environment

Question 2)

In network security assessments, which type of test is used to evaluate the risk posed by vulnerabilities to a specific organization including assessment of the likelihood of attacks and the impact of successful exploits on the organization?

risk analysis
port scanning
penetration testing
vulnerability assessment

Question 3)

When a network baseline is being established for an organization, which network profile element indicates the time between the establishment of a data flow and its termination?

ports used
total throughput
session duration
critical asset address space

Question 4)

This question component requires you to select the matching option. When you have selected your answers select the submit button.

Match the server profile element to the description.

Question 5)

Which type of evaluation includes the assessment of the likelihood of an attack, the type of threat actor likely to perpetrate such an attack, and what the consequences could be to the organization if the exploit is successful?

risk analysis
vulnerability identification
penetration testing
server profiling

Question 6)

A cybersecurity analyst is performing a CVSS assessment on an attack where a web link was sent to several employees. Once clicked, an internal attack was launched. Which CVSS Base Metric Group Exploitability metric is used to document that the user had to click on the link in order for the attack to occur?

availability requirement
integrity requirement
scope
user interaction

Question 7)

Which metric class in the CVSS Basic Metric Group identifies the impacts on confidentiality, integrity, and availability?

Impact
Exploitability
Modified Base
Exploit Code Maturity

Question 8)

Which metric in the CVSS Base Metric Group is used with an attack vector?

the proximity of the threat actor to the vulnerability
the determination whether the initial authority changes to a second authority during the exploit
the presence or absence of the requirement for user interaction in order for an exploit to be successful
the number of components, software, hardware, or networks, that are beyond the control of the attacker and that must be present in order for a vulnerability to be successfully exploited

Question 9)

Which statement describes the threat-vulnerability (T-V) pairing?

It is the advisory notice from a vulnerability research center.
It is the comparison between known malware and system risks.
It is the detection of malware against a central vulnerability research center.
It is the identification of threats and vulnerabilities and the matching of threats with vulnerabilities.

Question 10)

In addressing an identified risk, which strategy aims to shift some of the risk to other parties?

risk sharing
risk retention
risk reduction
risk avoidance

Question 11)

Which step in the Vulnerability Management Life Cycle categorizes assets into groups or business units, and assigns a business value to asset groups based on their criticality to business operations?