Susan

needs to scan a system for vulnerabilities, and she wants to use an open source

tool to test the system remotely. Which of the following tools will meet her

requirements and allow vulnerability scanning?

Which

of the following tools is most likely to be used during discovery?

During

a port scan, Susan discovers a system running services on TCP and UDP 137-139

and TCP 445, as well as TCP 1433. What type of system is she likely to find if she

connects to the machine?

Which

of the tools cannot identify a target’s operating system for a penetration

tester?

Angela

wants to test a web browser’s handling of unexpected data using an automated

tool. What tool should she choose?

During

a penetration test, Danielle needs to identify systems, but she hasn’t gained

sufficient access on the system she is using to generate raw packets. What type

of scan should she run to verify the most open services?

Which one of the following relationship pairs

describing types of penetration tests is incorrect?

What

step should occur after a vulnerability scan finds a critical vulnerability on

a system?

Nikto,

Burp Suite, and Wapiti are all examples of what type of tool?

Jim

uses a tool that scans a system for available services, then connects to them

to collect banner information to determine what version of the service is

running. It then provides a report detailing what it gathers, basing results on

service fingerprinting, banner information, and similar details it gathers

combined with CVE information. What type of tool is Jim using?