Risk Management Module 10-Exam Questions and Verified Answers, 100% Score Guarantee Pass (Latest 2025) Which of the following terms identifies the weakness of a system that could lead to compromised information or unauthorized access? - Correct Answers ✅Vulnerability Vulnerability can be defined as the weakness of a system that could lead to compromised information or unauthorized access.Rob has enrolled himself as a network security trainee in JV Internet Securities. Which of the following terms should he know to understand the advantage taken of a software vulnerability that hasn't yet or only very recently become public? - Correct Answers ✅Zero-day exploit Correct. A zero-day exploit, or zero-day attack, is one that takes advantage of a software vulnerability that hasn't yet or has only very recently become public.Which of the following testing tools combines known scanning and exploit techniques to explore potentially new attack routes? - Correct Answers ✅Metasploit Correct. Metasploit is a popular penetration testing tool that combines known scanning and exploit techniques to explore potentially new attack routes. 1 / 3
Risk Management Module 10-Exam Questions and Verified Answers, 100% Score Guarantee Pass (Latest 2025) Which of the following is a type of DoS (denial-of-service) attack that is bounced off uninfected computers before being directed at the target? - Correct Answers ✅DRDoS attack Correct. DRDoS (distributed reflection DoS) attack is a type of DDoS attack that is bounced off uninfected computers, called reflectors, before being directed at the target.HealthCity Nursing Home is a newly opened hospital with many employees, doctors, nurses, and support staff. The upper management of the hospital wants to draft a security policy that outlines the guidelines, rules, restrictions, and consequences of violations, all of which help minimize the risk involved in allowing restricted access to some users. The doctors who have access to protected patient information must be informed what they can and can't do with that patient data and what special precautions they must take to protect patients' privacy. Certain checks and balances must also be maintained and defined in the policy measures in detail. Which of the following security policies should be used in this scenario? - Correct Answers ✅A PUA (privileged user agreement) Kickstart Securities provides network analysis and safety measurement services to various clients. Recently, one of its clients has requested a technician to run a cross-check on the network system to ensure that there are no vulnerabilities that are exposed. You have been sent in to assess the situation and fix the errors if there are any. Which of the 2 / 3
Risk Management Module 10-Exam Questions and Verified Answers, 100% Score Guarantee Pass (Latest 2025) following will you use in such a scenario to track the vulnerabilities across systems? - Correct Answers ✅CVE Correct. CVE (Common Vulnerabilities and Exposures) provides a tracking system that is used by vulnerability databases.Zeneth Computers is a software development company. It has received a random email claiming that there will be an attempt to hack and extract sensitive financial data of the company before the year end. The company has contacted you, a network analyst, to verify if such claims are indeed true. You have decided to set up a trap for the hackers by putting up a system containing false financial data. Which of the following will you use in this scenario? - Correct Answers ✅Honeypot Correct. A honeypot is a decoy system that is purposely vulnerable and filled with what appears to be sensitive (though false) content, such as financial data. This should be used in this scenario.In which of the following phases of the social engineering attack cycle will an attacker require the most time investment? - Correct Answers ✅Research Correct. In the social engineering attack cycle, research is the most important, and it often requires the most time investment.
- / 3