1. Which team tests the patches in the test environment in the vulnerability management
process?
2. Wireless access control comes under which category of CIS Top 20 Controls?
Organizational
Basic
Advanced
Foundational
3. Which of the following scans is deeper and gives more detailed scanning results?
Initial options profile scan
Un-credentialed vulnerability discovery
Asset discovery scan
Credentialed vulnerability scanning
5. Which of the following system configuration management tools is used for Linux
systems?
Active Directory
FIM
Puppet
CIS-CAT Pro
6. Which of the following CIS critical controls is discussed in this module?
Data protection
Secure configuration for network devices
Malware defense
Boundary defense
12. How many TCP and UDP ports are scanned in a default scan?
No ports are scanned by default
1900 UDP ports and 180 TCP ports
1900 TCP ports and 180 UDP ports
65,535 TCP ports
13. What information do we get from open TCP and UDP ports?
Whether the host is alive or not
Network details of the host
Which services are running on the host
Which OS is running on the host
16. Which policy is recommended by the data protection control of CIS for mobile device
usage in an organization?
Hard drive of mobile devices should be encrypted
Employees should use only personal mobile devices
Mobile devices should not be allowed
Mobile devices are allowed for higher management only
17. As per the CIS control for limitation and control of network ports, protocols, and
services, active ports, protocols, and services should be associated with:
Software assets in asset inventory
Hardware assets in asset inventory
All the assets in asset inventory
Active Directory domain
18. Which cloud storage should be allowed for use in an organization as per CIS?
Hybrid cloud storage
Authorized cloud storage
Private cloud storage
Public cloud storage