Question

A cyber security analyst finds that unpatched servers have undetected vulnerabilities because the vulnerability scanner does not have the latest set of signatures. Management directed the security team to have personnel update the scanners with the latest signatures at least 24 hours before conducting any scans, but the outcome is unchanged. Which of the following is the BEST logical control to address the failure?

A. Manually validate that the existing update is being performed.

B. Configure a script to automatically update the scanning tool

C. Configure vulnerability scans to run in credentialed mode

D. Test vulnerability remediation in a sandbox before deploying.

-------------------------------------------------------------------------------------------------------------

A system administrator is doing network reconnaissance of a company's external network to determine the vulnerability of various services that are running. Sending some sample traffic to the external host, the administrator obtains the following packet capture: 1a 17.646496 67.53.200.1 67.53.200.12 TCP 58 47669 -> 22 [SYN] Seq=o Win=1024 Len= 133=1460 19 17.646944 67.53.200.1 67.53.200.12 CP 58 47669 -> 445 [SYN] Seq=0 win=1024 Len0 M$=1460 20 17.648631 67.53.200.12 67.53.200.1 TCP 58 22 -> 47669 [SYN, ACK) Seqro Ack=1 Win=5840 Len=0 M88=1460 21 17.648646 67.53.200.1 67.53.200.12 TCP 58 47669 -> 80 [SYN] Seq=0 win=1024 Len=0 MSS=1460 22 17.648887 67.53.200.12 67.53.200.1 TCP 54 445 -> 47669 [RST, ACK) Seqel Ack=1 Win=0 Len=0 23 17.649763 67.53.200.12 67.53.200.1 TCP 54 80 -> 47669 [RST, ACK] Seq=1 Ack=1 wino Len=0 Based on the output, which of the following services should be further tested for vulnerabilities?

Based on the output, which of the following services should be further tested for vulnerabilities?

A. SSH

B. HTTP

C. SMB

D. HTTPS

Please i need expert answers and explanations for a thumbs up.

Answer 1

for question 1 the correct option is B. Configure a script to automatically update the scanning tool because rarther than updating the signature manually we can configure s script that will do our work and make it easier for the system to be secure.

for second the correct option is C.) SMB as is some cases above the ACK is not being followed by the server so there might be possibility of the file sharing access might clash and could result in disintegrity of the file or data