VMware Workstation Pro：个人使用免费. VMWare Workstation Player 结束生命了。

 

Download Address:

VMware Workstation Pro for Personal (For Windows) 17.5.2

• Name: VMware-workstation-full-17.5.2-23775571.exe(618.26 MB) Build Number: 23775571
• Last Updated: May 16, 2024
• SHA2: 2c3a40993a450dc9a059563d07664fc0fb85ae398a57d22b1b4bf0e602417bf7
• MD5: c0a0353c1dade2089b55ce04ca942964
• Download link: VMware-workstation-full-17.5.2-23775571.exe (pass: winningpc.com)
• https://od.51sec.org/TGM_51Sec_EU/Sharing/VM/vmware/VMware-workstation-full-17.5.2-23775571-win-51sec.org.zip?preview  (pass:51sec.org)

VMware Workstation Pro for Personal Use (For Linux) 17.5.2

• Name: VMware-Workstation-Full-17.5.2-23775571.x86_64.bundle(510.58 MB) Build Number: 23775571
• Last Updated: May 16, 2024
• SHA2: a9da5e9b785ab98c6f49d1e769f6885028fd115c96e3cf0e6d22da3112b89a21
• MD5: 70adb9ba7305972eeb845eac5d69b32e
• Download link: VMware-Workstation-Full-17.5.2-23775571.x86_64.bundle (pass: winningpc.com)
• https://od.51sec.org/TGM_51Sec_EU/Sharing/VM/vmware/VMware-Workstation-Full-17.5.2-23775571.x86_64-linux-51sec.org.zip?preview  (pass:51sec.org)

 

VMware博客

https://blogs.vmware.com/workstation/2024/05/vmware-workstation-pro-now-available-free-for-personal-use.html

 

 

发行说明

https://docs.vmware.com/en/VMware-Workstation-Pro/17.5.2/rn/vmware-workstation-1752-pro-release-notes/index.html

 
 

 许可信息 License Info

原来的破解版升级之后的许可信息

 

全新安装会适配语言

Nessus Fundamentals Exam

 

Nessus Fundamentals Exam v2

You must answer all questions to proceed with the test

Single Choice

1)

To search for failed authentication what keyword should be used?

Authentication

login failure

Non credential

failed login

Single Choice

2)

What formats are supported when exporting scan data

Nessus and Nessus db

Nessus and CSV

Nessus db and SQL

SQL and CSV

Single Choice

3)

Which of the following is a Compliance benchmark?

Password Length

QRMS

NASL

HIPAA

Single Choice

4)

What is an example of a control?

Access control list requirements

Disabled services

Mininimum Password Length

All of these

Single Choice

5)

Best practices for Internal Vulnerability Assesments include

UDP port scanning on all ports

Log Analysis

Credentials

Non-Credentialed scans

Single Choice

6)

When considering compliance in general, what are we considering?

Configuration of Hosts

Low Vulnerabilities

Critical vulnerabilities in hosts

Intrusions

Single Choice

7)

What phrase should be searched on to confirm the scan was performed with sufficient privileges?

Sufficient privileges

Root privileges

Administrator privileges

Admin privileges

Single Choice

8)

If I want to search for a specific plugin from all available plugins I can use

The Nessus Database

the National Vulnerability Database

There is no publish list of all available plugins

The Tenable web site

Single Choice

9)

What possible types of copromise are described in the Impact field of the CVSS Vector?

Confidentiality

All three

Integrity

Availability

Single Choice

10)

When Installing Tenable Core+Nessus on Hyper-V what is the extension on the filename?

.cab

zip

gzip

.msi

Single Choice

11)

What port do you connect to with your web browser to configure Nessus?

8820

80

443

8834

Single Choice

12)

When using the Advanced Scan Policy, where would I find the setting to have the scan NOT test the Nessus host for vulnerabilities?

Assessment/Vuln Assessment

Advanced/Nessus

Plugins/Nessus

Discovery/Host Discovery

Single Choice

13)

If I wanted to filter for all low, medium, high and critical vulnerabilities what is a possible filter?

Match all of the following where severity is greater than none

Match All where severity is low, medium, high or critical.

Match All of the following, Severity is not equal to None

Match none of the following where severity is greater than info

Single Choice

14)

When Downloading Nessus make sure you select

Nessus Network Monitor

The right operating system and version

WinPcap

The source code

Single Choice

15)

What credentials, if provided, will not allow for complete vulnerability assessment

FTP Credentials

SNMP Credentials

SSH Credentials

Windows Credentials

Single Choice

16)

What Port does the management interface for Tenable Core + Nessus respond?

443

8000

25

80

Single Choice

17)

To confirm that credentials worked in a scan, what keyword should I search on?

Credentials

SMB

Admin

Authentication

Single Choice

18)

If I create a scan where I have disabled a plugin family, and then enabled plugins inside that family, if new plugins appear in the family, what will happen the next time the scan is run?

Plugins are never updated in Nessus

You will be prompted if you want to add the new plugins

The new plugins will be added to the scan

The new plugins will be disabled, and not run.

Single Choice

19)

Which of the following are optional when creating a scan?

Targets

Description

Scan policy

Name

Single Choice

20)

What is the username on the management interface upon initial installation of Tenable Core + Nessus?

admin

nessus

user

wizard

Single Choice

21)

If I want to do research on a specific vulnerability I could filter on

Host

Severity

Control

Plugin ID

Single Choice

22)

If I wanted to search for operating systems and applications that have been designated end of life (EOL) by the vendor, I would filter on:

End of life vulnerabilities

Unsupported by Vendor

EOL

Nessus cannot identify unsupported software versions.

Single Choice

23)

Compliance scan results can be viewed on what tab in Nessus?

Mitigation

Compliance

Controls

Remediation

Single Choice

24)

What operating system are supported by Nessus for installation?

All of these

Linux

Windows

Mac OS X

Single Choice

25)

When using the Tenable CORE + Nessus ISO for installation, what is the first step?

Convert it to zip

Install using installshield

Burn it to a CD, DVD

Install using RPM

Single Choice

26)

When performing compliance scan, the credentials must

Null

Be administrative in nature

Basic User Credentials

Compliance scans don't require credential

Single Choice

27)

If a given vulnerability has a folder next to it, that means

This vulnerability has been marked as special

This vulnerability appears in the remediations section

Additional scans may be required to identify additional vulnerabilities.

There are multiple vulnerabilities in that application or operating system

Single Choice

28)

If a compliance scan has no results, what should be checked?

Insufficient permissions on the account that is being used

An audit file that does not apply to the host being scanned.

Username and Password

All of these

Single Choice

29)

If the login banner is set, when does it appear?

After signing on

There is no login banner option.

Before signing on

When connecting to the management interface

Single Choice

30)

In which of the following cases would we use non credentialed scanning

to insure we are utilizing best practices

To capture log data

When there is no login port on the host

To identify vulnerabilities in the web browser on the host

Single Choice

31)

If a Plugin is in a family where the name contains "local security" checks, what is required in the scan definition?

The target be a Windows host

The Nessus agent be installed on the target

an audit file

Credentials

Single Choice

32)

Which of the following a possible reasons for receiving partial scan results?

There is a firewall blocking connectivity

The Nessus scanner cannot routeto one or more hosts.

One or more hosts is turned off

All of these

Single Choice

33)

What is the first step in the Nessus scan sequence

Probe port 443

Probe port 22

Ping the IP address being scanned

Log into the house

Single Choice

34)

When performing an offline registration, what is necessary to generate a license?

The activation code

Your email address and password.

The activation code and Challenge phrase

The Challenge phrase

Single Choice

35)

On the vulnerability tab, what column is not sortable

Severity

All columns are sortable

Family

Name

Single Choice

36)

Vulnerabilities labeled as Informational have a CVSS score of

1

0-1

They don't have a CVSS score

10

Single Choice

37)

After you create the first Nessus user

Nessus performs a host discovery scan

Nessus asks you for your network diagram

You need to reboot the host

Nessus downloads plugins

Single Choice

38)

What is NOT supported in a target range in a scan?

URL

Individual IPV6 address

IPv4 CIDR Block

Individual IPv4 address

Single Choice

39)

Which of the following is not part of the Cyber Exposure Lifecycle?

Discover

Fix

Assess

Incident Response

Single Choice

40)

Where in the Advanced Scan policy can you enable the vulnerability assessment of Network Printers?

Assessment/Printers

Advanced/Printers

Discovery/Host Discovery/Fragile Devices

Service Discovery/Fragile Devices

Single Choice

41)

The remediations tab in Nessus shows

A list of vulnerabilities, and the patches that are required to fix the specific vulnerabilities.

How many hosts need a specific patch, and the number of vulnerabilities will be fixed by applying the patch.

Attempted intrusions into the network, the vulnerabilities that were exploited, and how to mitigate and remediate against future intrusion.

A list of configuration failures, and the remediation actions that are required to bring the host into compliance.

Single Choice

42)

If on a Windows host, the remote registry service is set to manual, what must be changed in a scan policy?

Under Discovery enable "start remote registry"

The

under Advanced enable "Use WMI instead of remote registry for local checks"

Under credentials, enable the function "Start the Remote Registry Service during the Scan"

Single Choice

43)

What types of vulnerabilities are NOT identified by non credentialed scans

Vulnerabilities in applications that listen on ports

Linux Vulnerabilities

Windows Vulnerabilities

vulnerabilities in applications that do not listen on ports

Single Choice

44)

If a host does not meet the requirements benchmark it is labeled as a compliance

it will not appear in the results

Failure

Informational

Advisory

Single Choice

45)

Which of the following are true about a host discovery scan using the default template

The scan will identify all ports that are open on the host.

The scan will identify the operating system on each host

The scan will ping, and then probe a few ports on each host

The scan will identify services running on each host.

Single Choice

46)

Which of the following are possible approaches to prioritization when using the remediations tab?

Severity

Severity and vulnerability Count

Host and Severity Count

Host and/or Vulnerability Count

Single Choice

47)

In a non credentialed scan, Plugin ID 19506 (Nessus Scan Information) reports the scan as non credentialed using what phrase?

Credentials failed

Non credentialed check

Credentialed checks: no

unauthenticated scan

Single Choice

48)

On the Hosts tab, what column is NOT sortable?

Just the Vulnerability Column

The operating system column

The Host and Vulnerability Column

Just the Host Column

Single Choice

49)

When installing Nessus on a host that does not have internet connectivity activiation is done

You don't have to Activate Nessus in offline environments

Online

The host must have Internet connectivity

The same as if the host did have internet access

Single Choice

50)

If I want to prevent users from editing scan results what setting do I adjust

Allow Post Scan Editing

You can't disable this feature

Scans can never be edited

The user write permissions

Single Choice

51)

To identify when last plugins are last updated, you click on

Notifications

Scans

Plugins

Settings

Single Choice

52)

Which of the following is a type of compromise

Changing of data

Denial of service

Theft of data

All three

Single Choice

53)

When performing a credentialed scan of a Windows host, which of the following is NOT required.

WMI

Administrative Credentials

SMTP Credentials

Remote Registry

Single Choice

54)

When performing a compliance scan, what scan template should be used?

Basic Network Scan

Credentialed Patch Audit

PCI Quarterly External Scan

Policy Compliance Auditing

Single Choice

55)

When performing a credentialed scan of a Windows host, what privileges must the credentials have?

Null

Guest

Regular User

Domain Admin or Local Admin

Single Choice

56)

What part of the Cyber Exposure Lifecycle does Nessus not provide functionality for?

Measure

Fix

Assessment

Discovery

Single Choice

57)

If Scanning Operational technology asset, which section of the scan policy should be configured?

Assesment/OT

Nessus cannot scan operational technologies

Discovery/Host Discovery/Fragile Devices/ Scan Operational Technology Devices

Discovery/OT

Single Choice

58)

If I want to prioritize my remediation activities focusing on critical assets, what analysis method should be used?

Analysis by Host

Remediation analysis

Analysis by port

Analysis by vulnerability

Single Choice

59)

When performing a credentialed scan of a Linux host, what port must be available to the Nessus scanner?

SMTP

SNMP

SMB

SSH

Single Choice

60)

If I want to prioritize my remediation activites based upon critical applications, what analysis method should I use?

Remediation analysis

Host based analysis

Port based analysis

Vulnerability based analysis

Single Choice

2)

When installing Nessus on Microsoft Windows hosts, what also may be installed

Chrome

The C++ Interpreter

WinPcap

Nessus Network Monitor

Compliance Scan results appear on what tab in Nessus?

CIS

Vulnerabilities

Compliance

PCI Check

The Remediations tab allows the user to

Compliance issues that need to be addressed

Vulnerabilities that cannot be remediated

Identify patches, and vulnerability counts fixed by a given patch

Alternative solutions to vulnerbilities

In the filter, if I select "Match ALL of the following" what boolean logic is being applied?

AND

OR

Not OR

Exclusive OR

The Contents of an audit file can be viewed:

In any text editor

in Nessus

They cannot be viewed

In the Tenable Audit File Editor (TAFE)

When comparing scan results with Diff, if I set the primary results to the older scan I get

No Data

Vulnerabilities that have been mitigated

Vulnerabilities that are in the new scan that are not in the older scan

Newly identified vulnerabilities

When comparing scan results with Diff, if I set the primary results to the newer scan I get

Mitigated vulnerabilities

Newly identified vulnerabilities

No data

Vulnerabilities in the older scan that are not in the newer scan

When performing a discovery scan, what tab will not appear?

History

Remediation

Host

Vulnerabilities

TechTarget says that a vulnerablity creates:

a potential point of security compromise

intrusions that must be blocked

configuration issues that need to be addressed

a denial of service in our network.

Which of the following scan templates will not perform vulnerability analysis?

MDM Config Audit

Basic Vulnerability Scan

Host discovery

Policy Compliance Scan

When Live results are enabled in a scan, when is the scan checked for new possible vulnerabilities

Hourly

Never

Whenever new plugins are updated

Whenever the scan is relaunched

How do you configure Nessus if the host does not have Internet connectivity

Just as if it were online.

Using the USB key

Nessus must have internet connectivity

Offline Registration

A medium vulnerability has a CVSS score

Between 7-9

Between 40-60

Graded B or C

between 4-7

When creating a Filter with the condition "Match All of the following" what does this mean?

All conditions listed in the filter must be met.

Any one condition listed in the filter must be met

Two of the conditions in the filter must be met.

None of the conditions in the filter must be met.

External vulnerability assessments are

Not possible with Nessus

Normally performed on networks utilizing Network Address Translation

Vulnerability assessments of assets that have public exposure

Vulnerablity assessments to find vulnerablities accessible on ports

The Bell in the upper right hand Nessus window is

There is no bell in the upper right corner.

Notifications

Running scans

failed scans

Tenable Virtual appliance are known by what name?

Nessus cannot be virtualized

Tenable VM

Tenable Nessus Appliance

Tenable Core + Application

When examining the Remediations tab, what information is available?

The severity of the patch

How many hosts need a patch

What type of vulnerability exists

Alternatives to applying the patch

What types of Hashes are supported when scanning Windows hosts?

TRP

MD5

Lm hash and NTLM Hash

SSH

Enabling UDP ping in a host discovery policy, it will:

Have no impact on the scan

Significantly speed up the scan

Nessus cannot perform UDP pings

Significantly slow down the host

When virtualizing Nessus, how much should you increase your CPU and RAM?

50%

30%

100%

0%

If I am looking for a specific scan I should use

a SQL Query

A Regex Query

The Search box

You cannot search box

If I want Nessus to update plugins and software automatically, what setting should I use under updates?

Update all components

Download updates and install

Update plugins

Update everything

What types of scans are considered leading practices for vulnerability assessment

Non-credentialed

Compliance

Credentialed

Host Discovery

If I want to see when a scan started and ended, where would I look?

Plugin ID 24269

Scan details

The settings tab

The hosts tab

Vulnerability Severity is based upon

The POTS score

The CVSS Score

Tenable personnel

The IAEA score

What is a possible reason for receiving some, but not all vulnerability information on a host?

Credentials are incorrect

There is a load balancer between the Nessus scanner and the host.

All of these

Credentials have not been provided

In order for Nessus to send out an email with scan information once a scan has completed, what must be configured?

SMTP Server

IMAP Server

NNTP Server

Pop3 Server

How much storage is required to install the Tenable Core + Nessus ISO?

30 GB

1 TB

82 GB

10 GB

Nessus is installed on a Microsoft Windows host using

RPM

Nessus cannot run on Microsoft Windows

The C++ Compiler

The Windows Installer

What to Discovery Scan Templates allow us to do

Identify Hosts

Fulfill PCI scanning requirements

Perform compliance checks

Identify Critical Vulnerabilities

For Credentialed scans, where would I look for specific information about what was discovered to Identify the vulnerability.

Description

Plugin Output

 ??

Solution

See Also

The Filter "Exploited by Nessus" will only appear in results when

When the host has an exploitable vulnerability.

When Metasploit results are attached to the scan.

The Scan policy has safe checks disabled.

When Nessus crashes the host

Where do I create rules for plugins in an Advanced Dynamic Scan Policy?

The Plugins tab

The Dynamic Plugins tab

The rules tab

The advanced section

What is a critical first step to cyber exposure

Compliance assesment

Discovery of Asset

Installation of an IDS

Physical Security

What types of ping are not used in a default discovery scan?

TCP

ARP

UDP

ICMP

If I want to create a scan policy that does not use ARP ping, what scan template should I use as a baseline?

Policy compliance scan

Patch Audit

Host Discovery

Basic Network Scan

When performing a compliance scan using nessus, what must be attached to the scan policy?

An Audit file

A benchmark

Nessus cannot performan compliance scans.

a control file.

Scan Templates allow us to create

Target Groups

Asset lists

Scans with prebuilt scan policies

Custom Reports

Which of the following functions does Nessus not provide?

Vulnerability Assessment

Compliance Assessment

Intrusion Detection

Host Discovery

If I wanted to search on vulnerabilities where a possible compromise would be an impact on confidentiality, what could I filter on?

CVSS Risk contains confidentiality

Risk equals confidentiality

CVSS Vector contains Confidentiality

CVSS Vector contains C:P

Which of the following are possible results when checking a specific control in a compliance benchmark

Advisory

All three

Pass

Fail

Cyber Exposure focuses on

Compliance

Social Engineering

Vulnerability severity

Business Risk

Non Credentialed vulnerability scans identify vulnerabilities by

performing a series of port probes and external test

Using the internal tools of the host

Examining log entries on the host

Examining the configuration files on the host

If I create a custom scan policy, when I create a scan, where is the new policy located?

On the user defined tab under scan templates

Under the special scan tab

Under the custom scan tab

on the Scanner tab under new scan templates

In addition to traditional Host discovery scans, when using the host discovery template, what additional information can be gathered

Critical Vulnerabilities

Operating System

Compliance failures

Intrusions

To identify when last plugins are last updated, you click on

Scans

Settings

Plugins

Notifications

Single Choice

58)

Folders in Nessus allow you to

Seperate vulnerabilities

Separate hosts

Organize Scans

There are no folders in Nessus