GIAC Certified Incident Handler (GCIH) — Question 82
You work as a Network Administrator for Net Perfect Inc. The company has a Windows-based network. The company wants to fix potential vulnerabilities existing on the tested systems. You use Nessus as a vulnerability scanning program to fix the vulnerabilities. Which of the following vulnerabilities can be fixed using
Nessus?
Each correct answer represents a complete solution. (Choose all that apply.)
Answer options
- A. Misconfiguration (e.g. open mail relay, missing patches, etc.)
- B. Vulnerabilities that allow a remote cracker to control sensitive data on a system
- C. Vulnerabilities that allow a remote cracker to access sensitive data on a system
- D. Vulnerabilities that help in Code injection attacks
Correct answer: A, B, C
Explanation
Nessus is designed to identify and help remediate a variety of vulnerabilities, including misconfigurations and those that could allow unauthorized access or control over sensitive data. Options B and C relate to vulnerabilities that threaten sensitive data management, which Nessus can help address, while option D pertains to a specific attack vector that Nessus does not directly fix.