41. Which of the following is used to quantitatively measure the criticality of a vulnerability?

50. A security practitioner completes a vulnerability assessment on a company's network and finds several vulnerabilities, which the operations team remediates. Which of the following should be done next?

54. 54. After a recent vulnerability scan, a security engineer needs to harden the routers within the corporate network. Which of the following is the most appropriate to disable?

65. A small business uses kiosks on the sales floor to display product information for customers. A security team discovers the kiosks use end-of-life operating systems. Which of the following is the security team most likely to document as a security implication of the current architecture?

66. After reviewing the following vulnerability scanning report:

Server:192.168.14.6

Service: Telnet

Port: 23 Protocol: TCP

Status: Open Severity: High

Vulnerability: Use of an insecure network protocol

A security analyst performs the following test:

nmap -p 23 192.168.14.6 --script telnet-encryption

PORT STATE SERVICE REASON

23/tcp open telnet syn-ack

telnet encryption: Telnet server supports encryption

Which of the following would the security analyst conclude for this reported vulnerability?

72. Which of the following is a hardware-specific vulnerability?

87. Which of the following would help ensure a security analyst is able to accurately measure the overall risk to an organization when a new vulnerability is disclosed?