Question

A new cluster of virtual servers has been set up in a lab environment and must be audited before being allowed on the production network. The security manager needs to ensure unnecessary services are disabled and all system accounts are using strong credentials.

Which of the following tools should be used?

A. Fuzzer
B. SCAP scanner
C. Packet analyzer
D. Password cracker
E. Network enumerator
F. SIEM

Answer 1

The correct tool to use in this scenario is SCAP scanner. A SCAP scanner is designed to collect security-related information from systems and applications, and compare it against pre-established security policies or benchmarks.

Step-by-step explanation:

The correct tool to use in this scenario is SCAP scanner. A SCAP (Security Content Automation Protocol) scanner is designed to collect security-related information from systems and applications, and compare it against pre-established security policies or benchmarks.

It can help identify and mitigate security vulnerabilities, including unnecessary services and weak system credentials.

Fuzzers are used to test software applications for vulnerabilities by injecting invalid or unexpected data inputs. Packet analyzers are used to capture and analyze network traffic. Password crackers are tools used to recover or crack passwords.

Network enumerators are used to gather information about systems in a network. SIEM (Security Information and Event Management) systems are used for collecting, analyzing, and correlating security event logs and monitoring for potential security incidents.

Therefore, The correct tool to use in this scenario is SCAP scanner.