Question: A security analyst needs to test it security of a server that resides in the company's DMZ. The analyst runs a scan on the server

A security analyst needs to test it security of a server that resides in the company's DMZ. The analyst runs a scan on the server and discovers the following:

Port state service

21/tcp open ftp

25/tcp open smtp

| smnp-vuln-cve2010-4344:

| _ The SMNP server is not Exim: NOT VULNERABLE

| ssl-dh-params:

| VULNERABLE:

| Diffie-Hellman Key Exchange Insufficient Group Strength

|_State: VULNERABLE

143/tcp open imap

| ssl-dh-params:

| VULNERABLE:

| Diffie-Hellman Key Exchange Insufficient Group Strength

|_State: VULNERABLE

Which of the following should the analyst use next to test the security of the server?

  1. Password cracker

  2. Port scanner

  3. Banner grabbing utility

  4. vulnerability scanner

  5. open relay SMTP testin

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer
Step: 1 Unlock blur-text-image
Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock
Step: 3 Unlock

Students Have Also Explored These Related Databases Questions!

Q:

1. Which of the following principles describes how a security analyst should communicate during an incident? A. The communication should be limited to trusted parties only. B. The communication...

Q:

1. The business has been informed of a suspected breach of customer data. The internal audit team, in conjunction with the legal department, has begun working with the cybersecurity team to validate...

Q:

A&D High Tech (A): Managing Projects for Success In his twelve years as a technology project manager at A&D High Tech, Chris Johnson had a strong track record of delivering projects on time and on...

Q:

A security professional is testing the Wi-Fi with MDK4 and wants to create the appearance of many wireless networks. Which of the following modes should they use? Seloct one: W B D A A security...

Q:

Please Answer If You Are 100% Sure 259. A security analyst is conducting a vulnerability assessment of older SCADA devices on the corporate network. Which of the following compensating controls is...

Q:

Due Week 4: Work Breakdown Structure According to the PMBOK Guide, "the WBS is a deliverableoriented hierarchical decomposition of the work to be executed by the project team, to accomplish the...

Q:

CHA P TER 9 Understanding Software: A Primer for Managers 1. INTRODUCTION L E A R N I N G O B J E C T I V E S 1. Recognize the importance of software and its implications for the rm and strategic...

Q:

1. A computer has been infected with a virus and is sending out a beacon to command and control server through an unknown service. Which of the following should a security technician implement to...

Q:

354. An organization is performing vendor selection activities for penetration testing, and a security analyst is reviewing the MOA and rules of engagement, which were supplied with proposals. Which...

Q:

Q1-Which of the following would be BEST to establish between organizations to define the responsibilities of each party outline the key deliverables and include monetary penalties for breaches to...

Q:

What is the relationship between learning and cognition?

Q:

You are the Chief Accounting Officer for your familys business, RB Johnson Aviation Company (the Company). The Company, which files its income tax returns as a C Corporation, is engaged in the...

Q:

How does international diversification of loans help banks manage risk

Q:

Vanishing Games Corporation ( VGC ) operates a massively multiplayer online game, charging players a monthly subscription of $ 1 4 . At the start of January 2 0 2 1 , VGC ' s income statement...

Q:

LO3 Outline how HRs strategies are merged with organizational strategies and give two examples.

Q:

1. Discuss how globalization has changed jobs in an organization where you have worked. What are some HR responses to those changes?

Q:

LO1 Summarize the organizations strategic planning process.