312-50v12 Exam QuestionsBrowse all questions from this exam
Go to Exam

312-50v12 Exam - Question 14

An organization is performing a vulnerability assessment for mitigating threats. James, a pen tester, scanned the organization by building an inventory of the protocols found on the organization’s machines to detect which ports are attached to services such as an email server, a web server, or a database server. After identifying the services, he selected the vulnerabilities on each machine and started executing only the relevant tests.

What is the type of vulnerability assessment solution that James employed in the above scenario?

Show Answer
Correct Answer: D

James employed an inference-based assessment solution. This type of assessment starts by building an inventory of the protocols found on each machine. Following this, the scanning process detects which ports are attached to various services such as an email server, web server, or database server. Once these services are identified, related vulnerabilities are selected, and relevant tests are executed. This systematic approach aligns with the scenario described, making inference-based assessment the correct answer.

Discussion

16 comments
Sign in to comment
jeremy13Option: D
Apr 10, 2023

Book V12 : module 5 page 558 There are four types of vulnerability assessment solutions: product-based solutions, service-based solutions, tree-based assessment, and inference-based assessment. In an inference-based assessment, scanning starts by building an inventory of the protocols found on the machine. After finding a protocol, the scanning process starts to detect which ports are attached to services, such as an email server, web server, or database server. After finding services, it selects vulnerabilities on each machine and starts to execute only those relevant tests.

phojr
Jul 31, 2023

Do you have an offline book to read?

Juice98Option: D
May 7, 2023

▪ Inference-Based Assessment In an inference-based assessment, scanning starts by building an inventory of the protocols found on the machine. After finding a protocol, the scanning process starts to detect which ports are attached to services, such as an email server, web server, or database server. After finding services, it selects vulnerabilities on each machine and starts to execute only those relevant tests.

ptrckmOption: D
Apr 7, 2023

D. Inference-based assessment "In this approach, we pre-provide the tool with services and protocols found on the machine. The tool starts the scanning process to detect the ports attached to services... Once it finds the services, it scans only the provided services for vulnerabilities." according to https://www.linkedin.com/pulse/various-approaches-involved-vulnerability-assessment-solutions-aghao?trk=pulse-article_more-articles_related-content-card

ChiplessOption: D
Apr 14, 2023

In an inference-based assessment, scanning starts by building an inventory of the protocols found on the machine. After finding a protocol, the scanning process starts to detect which ports are attached to services, such as an email server, web server, or database server. After finding services, it selects vulnerabilities on each machine and starts to execute only those relevant tests. SOURCE: CEH v12 eBook Module 5 pg 375

insaniuntOption: A
Aug 6, 2023

In this scenario, James built an inventory of the protocols found on the organization's machines to detect which ports are attached to services such as an email server, a web server, or a database server. He then selected the vulnerabilities on each machine and executed only the relevant tests based on the services identified. This approach is characteristic of service-based solutions, where the vulnerability assessment is focused on specific services running on the machines.

[Removed]Option: D
Dec 16, 2023

D. Inference-based assessment. This was a question for me when I took the exam on 13 Dec 2023.

brrbrrOption: D
Feb 22, 2024

• Product-based solutions: installed in the internal network • Service-based solutions: offered by third parties • Tree-based assessment: different strategies are selected for each machine • Inference-based assessment 1. Find the protocols to scan 2. Scan and find the found protocols and their services, 3. Select the vulnerabilities and begins with executing relevant tests.

qtygbapjpesdayazko
Mar 9, 2024

This is the way

eli117Option: A
Apr 4, 2023

A. Service-based solutions Service-based solutions are a type of vulnerability assessment solution that focus on identifying the services and protocols that are running on a network or system. This involves building an inventory of the protocols found on the organization's machines in order to detect which ports are attached to services such as an email server, a web server, or a database server. Once the services have been identified, the vulnerabilities on each machine are selected, and only the relevant tests are executed. Option B (Product-based solutions) involves assessing the security of specific products or applications, such as operating systems or web applications. Option C (Tree-based assessment) and option D (Inference-based assessment) are not recognized types of vulnerability assessment solutions.

N00b1eOption: D
Sep 28, 2023

Tree-based Assessment is the approach in which auditor follows different strategies for each component of an environment Inference-based Assessment is the approach to assist depending on the inventory of protocols in an environment Source: https://github.com/g0rbe/CEH/blob/master/05_Vulnerability_Analysis.md

IPconfigOption: D
Oct 31, 2023

Inference-Based Assessment In an inference-based assessment, scanning starts by building an inventory of the protocols found on the machine. After finding a protocol, the scanning process starts to detect which ports are attached to services, such as an email server, web server, or database server. After finding services, it selects vulnerabilities on each machine and starts to execute only those relevant tests Service-Based Solutions Service-based solutions are offered by third parties, such as auditing or security consulting firms. Some solutions are hosted inside the network, while others are hosted outside the network. A drawback of this solution is that attackers can audit the network from the outside

teenwolf18Option: D
May 2, 2023

inference-based assessment: scanning starts by building an inventory of the protocols found on the machine.

HarrysphillsOption: A
May 31, 2023

A. Service-based solutions In a service-based vulnerability assessment, the focus is on identifying vulnerabilities associated with specific services or protocols running on the organization's machines. James built an inventory of the protocols found on the organization's machines to detect which ports are attached to services such as email server, web server, or database server. He then selected the vulnerabilities specific to each machine and executed relevant tests targeting those services. This approach allows for a more targeted and efficient assessment, focusing on the vulnerabilities associated with the identified services.

insaniuntOption: D
Nov 26, 2023

D. Inference-based assessment

kikourOption: A
Apr 11, 2024

detect which ports are attached to services such as an email server, a web server, or a database server It's finding for services

NicknpOption: D
May 8, 2024

Option D

cybershortieOption: D
Jul 17, 2024

D. Inference-based assessment starts with building inventory of protocols