An administrator is concerned that a company’s web server has not been patched. Which of the following would be the BEST assessment for the administrator to perform?
A. Vulnerability scan
B. Risk assessment
C. Virus scan
D. Network sniffer
CompTIA exam questions
An administrator is concerned that a company’s web server has not been patched. Which of the following would be the BEST assessment for the administrator to perform?
A. Vulnerability scan
B. Risk assessment
C. Virus scan
D. Network sniffer
A security administrator wants to perform routine tests on the network during working hours when certain applications are being accessed by the most people. Which of the following would allow the security administrator to test the lack of security controls for those applications with the least impact to the system?
A. Penetration test
B. Vulnerability scan
C. Load testing
D. Port scanner
A large multinational corporation with networks in 30 countries wants to establish an understanding of their overall public-facing network attack surface. Which of the following security techniques would be BEST suited for this?
A. External penetration test
B. Internal vulnerability scan
C. External vulnerability scan
D. Internal penetration test
Which of the following is MOST critical in protecting control systems that cannot be regularly patched?
A. Asset inventory
B. Full disk encryption
C. Vulnerability scanning
D. Network segmentation
The process of attempting to exploit a weakness in a network after being given permission by the company is known as:
A. penetration testing
B. vulnerability scanning
C. reconnaissance
D. social engineering