Answer:
a) Viruses
Explanation:
Vulnerability assessment is performed by variety of tools and these can be protocol analyzer, vulnerability scanner, Honeypots, port scanners, honey nets and banner grabbing tools.
Port scanners : they are used to scan the ports which can be exploited by attackers. Most of TCP/IP applications communicate using different ports and attackers can exploit these ports if they are found vulnerable. for example : ports like 80 and 443 are commonly used for HTTP and SSL communication. 22 is used for SSH and if they are open to world then it will allow attackers to use those to get the entry into the system.
Protocol Analyzers : They are used to analyze the packet captures. tools like wireshark, tshark, these tools will help user to decode HTTP/SSL/HTTPS/FTP/RSTP or any application protocols communication. this will help user to understand any unwanted or non-anticipated traffic.
Vulnerability Scanners : They are used to detect the vulnerabilities in the network or systems. these will help administrators to get the alerts whenever there are unanticipated activity. It will have two types of scanners one is active scanner and other is passive scanner. Active scanners will keep on sending probes at the fixed time slots and passibe scanners will be in listening mode all the time. These scanners will alert when a new nodes comes up or goes down or if any system gets compromised.
Honeypots and Honey nets : They are devices or softwares which are having limited security. These devices are made vulnerable purposefully so that attackers can try and attack. This will help softwares to detect the attackers when they try to exploit these open vulnerabilities. They are deceptions created with purpose.
Banner grabbing Tools : These are tools which will capture the banner information like HTTP protocol version, underlying operating system, open ssl versions being used, server software and similar information. these are important as it will open up potential vulnerabilities in the underlying software. for ex : SSLv3 has a vulnerability known to world and can be exploited by anyone.
CCIE refers to Cisco Certified Internetwork Expert, a technical certification that demonstrates high proficiency of managing and establishing computer networks.
CSPM may refer to Certified Security Project Manager, which is a certification to demonstrate the individual’s capability in managing project in the field of cybersecurity.
MCITP refers to Microsoft Certified IT Professional, which demonstrates an individual’s ability to be a database or enterprise messaging administrator.
Oracle DBA refers to Oracle Database Administrator, and this certification demonstrates an individual’s ability to manage Oracle’s database from retrieving, maintaining, and editing them.
While PMP refers to Project Management Professional certification, one that you can use to prove your abilities as a project manager in various business contexts.
Thus, the best certification for him to use to get to a managerial career path is PMP.
The statement “Declarative knowledge refers to statements of
fact” is TRUE.
The statement “Imperative knowledge refers to
'how to' methods” is also TRUE.
I am hoping that these answers
have satisfied your queries and it will be able to help you in your endeavors, and
if you would like, feel free to ask another question.
