CompTIA Security+ Question H-14

A new security analyst is given the task of determining whether any of the company’s servers are vulnerable to a recently discovered attack on an old version of SSH. Which of the following is the quickest FIRST step toward determining the version of SSH running on these servers?

A. Passive scanning
B. Banner grabbing
C. Protocol analysis
D. Penetration testing

Answer: B

Explanation:
B: Banner grabbing looks at the banner, or header information messages sent with data to find out about the system(s). Banners often identify the host, the operating system running on it, and other information that can be useful if you are going to attempt to later breach the security of it. Banners can be snagged with Telnet as well as tools like netcat or Nmap. In other words Banner grabbing looks at the banner, or header, information messages sent with data to find out about the system(s). Thus a quick way to check which version of SSH is running on your server.

CompTIA Security+ Question C-28

Although a vulnerability scan report shows no vulnerabilities have been discovered, a subsequent penetration test reveals vulnerabilities on the network. Which of the following has been reported by the vulnerability scan?

A. Passive scan
B. Active scan
C. False positive
D. False negative

Answer: D

Explanation:
With a false negative, you are not alerted to a situation when you should be alerted. A False negative is exactly the opposite of a false positive.