Sunday, March 10, 2024

Nessus Fundamentals Exam

Nessus Fundamentals Exam v2

Single Choice
1)
To search for failed authentication, what keyword should be used?
Single Choice
2)
What formats are supported when exporting scan data?
Single Choice
3)
Which of the following is a Compliance benchmark?
Single Choice
4)
What is an example of a control?
Single Choice
5)
Best practices for Internal Vulnerability Assessments include
Single Choice
6)
When considering compliance in general, what are we considering?
Single Choice
7)
What phrase should be searched on to confirm the scan was performed with sufficient privileges?
Single Choice
8)
If I want to search for a specific plugin from all available plugins I can use
Single Choice
9)
What possible types of compromise are described in the Impact field of the CVSS Vector?
Single Choice
10)
When Installing Tenable Core+Nessus on Hyper-V what is the extension on the filename?
Single Choice
11)
What port do you connect to with your web browser to configure Nessus?
Single Choice
12)
When using the Advanced Scan Policy, where would I find the setting to have the scan NOT test the Nessus host for vulnerabilities?
Single Choice
13)
If I wanted to filter for all low, medium, high and critical vulnerabilities what is a possible filter?
Single Choice
14)
When Downloading Nessus make sure you select
Single Choice
15)
What credentials, if provided, will not allow for complete vulnerability assessment?
Single Choice
16)
What Port does the management interface for Tenable Core + Nessus respond?
Single Choice
17)
To confirm that credentials worked in a scan, what keyword should I search on?
Single Choice
18)
If I create a scan where I have disabled a plugin family, and then enabled plugins inside that family, if new plugins appear in the family, what will happen the next time the scan is run?
Single Choice
19)
Which of the following are optional when creating a scan?
Single Choice
20)
What is the username on the management interface upon initial installation of Tenable Core + Nessus?
Single Choice
21)
If I want to do research on a specific vulnerability I could filter on
Single Choice
22)
If I wanted to search for operating systems and applications that have been designated end of life (EOL) by the vendor, I would filter on:
Single Choice
23)
Compliance scan results can be viewed on what tab in Nessus?
Single Choice
24)
What operating systems are supported by Nessus for installation?
Single Choice
25)
When using the Tenable CORE + Nessus ISO for installation, what is the first step?
Single Choice
26)
When performing a compliance scan, the credentials must
Single Choice
27)
If a given vulnerability has a folder next to it, that means
Single Choice
28)
If a compliance scan has no results, what should be checked?
Single Choice
29)
If the login banner is set, when does it appear?
Single Choice
30)
In which of the following cases would we use non credentialed scanning?
Single Choice
31)
If a Plugin is in a family where the name contains "local security" checks, what is required in the scan definition?
Single Choice
32)
Which of the following are possible reasons for receiving partial scan results?
Single Choice
33)
What is the first step in the Nessus scan sequence?
Single Choice
34)
When performing an offline registration, what is necessary to generate a license?
Single Choice
35)
On the vulnerability tab, what column is not sortable?
Single Choice
36)
Vulnerabilities labeled as Informational have a CVSS score of
Single Choice
37)
After you create the first Nessus user
Single Choice
38)
What is NOT supported in a target range in a scan?
Single Choice
39)
Which of the following is not part of the Cyber Exposure Lifecycle?
Single Choice
40)
Where in the Advanced Scan policy can you enable the vulnerability assessment of Network Printers?
Single Choice
41)
The remediations tab in Nessus shows
Single Choice
42)
If on a Windows host, the remote registry service is set to manual, what must be changed in a scan policy?
Single Choice
43)
What types of vulnerabilities are NOT identified by non credentialed scans?
Single Choice
44)
If a host does not meet the requirements benchmark it is labeled as a compliance
Single Choice
45)
Which of the following are true about a host discovery scan using the default template?
Single Choice
46)
Which of the following are possible approaches to prioritization when using the remediations tab?
Single Choice
47)
In a non credentialed scan, Plugin ID 19506 (Nessus Scan Information) reports the scan as non credentialed using what phrase?
Single Choice
48)
On the Hosts tab, what column is NOT sortable?
Single Choice
49)
When installing Nessus on a host that does not have internet connectivity, activation is done
Single Choice
50)
If I want to prevent users from editing scan results, what setting do I adjust?
Single Choice
51)
To identify when plugins were last updated, you click on
Single Choice
52)
Which of the following is a type of compromise?
Single Choice
53)
When performing a credentialed scan of a Windows host, which of the following is NOT required?
Single Choice
54)
When performing a compliance scan, what scan template should be used?
Single Choice
55)
When performing a credentialed scan of a Windows host, what privileges must the credentials have?
Single Choice
56)
What part of the Cyber Exposure Lifecycle does Nessus not provide functionality for?
Single Choice
57)
If scanning an Operational Technology asset, which section of the scan policy should be configured?
Single Choice
58)
If I want to prioritize my remediation activities focusing on critical assets, what analysis method should be used?
Single Choice
59)
When performing a credentialed scan of a Linux host, what port must be available to the Nessus scanner?
Single Choice
60)
If I want to prioritize my remediation activities based upon critical applications, what analysis method should I use?
Single Choice
2)
When installing Nessus on Microsoft Windows hosts, what also may be installed?