1. What is the primary function of Tenable.io?
A) Firewall management
B) Vulnerability management
C) Endpoint antivirus
D) Network monitoring
ANSWER : B
Explanation: Tenable.io is Tenable’s cloud-based platform for vulnerability
management, providing visibility into vulnerabilities across IT assets.
2. Which protocol does Tenable Nessus use to perform remote vulnerability
scanning?
A) SMTP
B) SNMP
C) HTTP
D) SSH
ANSWER : D
Explanation: Nessus uses SSH for credentialed Linux scans and SMB for
Windows systems to perform authenticated vulnerability assessments.
3. Which type of scan in Tenable.io is designed to detect missing patches on
Windows hosts?
A) Credentialed scan
B) Discovery scan
C) External scan
D) Web application scan
ANSWER : A
Explanation: Credentialed scans allow Nessus or Tenable.io to log in to hosts,
check patch levels, and verify installed software.
,4. What is a “policy” in Tenable.io?
A) A set of user permissions
B) A predefined scan template
C) A network firewall rule
D) A compliance audit log
ANSWER : B
Explanation: Policies define the configuration, targets, and plugin selection for
scans in Tenable.io.
5. Which Tenable.io component provides dashboards and vulnerability
trend analysis?
A) Nessus Agent
B) Asset Inventory
C) SecurityCenter
D) Tenable.io UI
ANSWER : D
Explanation: Tenable.io’s web interface provides dashboards, trending, and
reporting features for vulnerability and asset management.
6. What is the function of the Nessus Agent?
A) Perform unauthenticated scans
B) Monitor firewall traffic
C) Collect vulnerability data locally
D) Replace Tenable.io
ANSWER : C
Explanation: Nessus Agents are installed on endpoints to collect vulnerability
data locally, which is then sent to Tenable.io for aggregation and reporting.
7. Which plugin family would be most relevant for identifying
misconfigurations in Windows systems?
A) Malware Detection
B) Compliance Checks
C) Denial-of-Service
D) Web Servers
, ANSWER : B
Explanation: Compliance Checks plugins assess system configuration against
security benchmarks (like CIS) for misconfigurations.
8. What is the difference between authenticated and unauthenticated
scans?
A) Authenticated scans are faster
B) Authenticated scans use credentials to get deeper host information
C) Unauthenticated scans require more resources
D) There is no difference
ANSWER : B
Explanation: Authenticated scans log into systems and check installed
software, patch levels, and configurations for more accurate results.
9. In Tenable.io, which report type shows vulnerabilities by severity over
time?
A) Executive Summary
B) Trend Report
C) Compliance Report
D) Scan Export
ANSWER : B
Explanation: Trend reports track vulnerabilities and their severity over time,
helping organizations understand remediation progress.
10. Which Tenable.io asset attribute can be used to group hosts for
scanning?
A) Operating System
B) IP Address
C) Asset Tags
D) Plugin ID
ANSWER : C
Explanation: Asset tags are labels assigned to hosts to organize them into
logical groups for scanning and reporting.
, 11. Which scan template is ideal for detecting missing patches and
vulnerabilities on all assets?
A) Basic Network Scan
B) Advanced Scan
C) Credentialed Patch Audit
D) Discovery Scan
ANSWER : C
Explanation: Credentialed Patch Audit scans use system credentials to detect
missing patches and verify installed software.
12. What is the purpose of a “plugin” in Tenable.io/Nessus?
A) To block malicious traffic
B) To detect specific vulnerabilities
C) To monitor network bandwidth
D) To install software updates
ANSWER : B
Explanation: Plugins are scripts that check systems for specific vulnerabilities,
misconfigurations, or compliance issues.
13. Which Tenable.io report type is used to demonstrate regulatory
compliance?
A) Executive Summary
B) Compliance Report
C) Trend Report
D) Raw Data Export
ANSWER : B
Explanation: Compliance reports are tailored to standards such as PCI-DSS,
HIPAA, or CIS benchmarks to show adherence.
14. Which method is used to reduce scan impact on production systems?
A) Use credentialed scanning
B) Use a high-intensity scan profile
C) Scan during peak business hours
D) Disable logging
A) Firewall management
B) Vulnerability management
C) Endpoint antivirus
D) Network monitoring
ANSWER : B
Explanation: Tenable.io is Tenable’s cloud-based platform for vulnerability
management, providing visibility into vulnerabilities across IT assets.
2. Which protocol does Tenable Nessus use to perform remote vulnerability
scanning?
A) SMTP
B) SNMP
C) HTTP
D) SSH
ANSWER : D
Explanation: Nessus uses SSH for credentialed Linux scans and SMB for
Windows systems to perform authenticated vulnerability assessments.
3. Which type of scan in Tenable.io is designed to detect missing patches on
Windows hosts?
A) Credentialed scan
B) Discovery scan
C) External scan
D) Web application scan
ANSWER : A
Explanation: Credentialed scans allow Nessus or Tenable.io to log in to hosts,
check patch levels, and verify installed software.
,4. What is a “policy” in Tenable.io?
A) A set of user permissions
B) A predefined scan template
C) A network firewall rule
D) A compliance audit log
ANSWER : B
Explanation: Policies define the configuration, targets, and plugin selection for
scans in Tenable.io.
5. Which Tenable.io component provides dashboards and vulnerability
trend analysis?
A) Nessus Agent
B) Asset Inventory
C) SecurityCenter
D) Tenable.io UI
ANSWER : D
Explanation: Tenable.io’s web interface provides dashboards, trending, and
reporting features for vulnerability and asset management.
6. What is the function of the Nessus Agent?
A) Perform unauthenticated scans
B) Monitor firewall traffic
C) Collect vulnerability data locally
D) Replace Tenable.io
ANSWER : C
Explanation: Nessus Agents are installed on endpoints to collect vulnerability
data locally, which is then sent to Tenable.io for aggregation and reporting.
7. Which plugin family would be most relevant for identifying
misconfigurations in Windows systems?
A) Malware Detection
B) Compliance Checks
C) Denial-of-Service
D) Web Servers
, ANSWER : B
Explanation: Compliance Checks plugins assess system configuration against
security benchmarks (like CIS) for misconfigurations.
8. What is the difference between authenticated and unauthenticated
scans?
A) Authenticated scans are faster
B) Authenticated scans use credentials to get deeper host information
C) Unauthenticated scans require more resources
D) There is no difference
ANSWER : B
Explanation: Authenticated scans log into systems and check installed
software, patch levels, and configurations for more accurate results.
9. In Tenable.io, which report type shows vulnerabilities by severity over
time?
A) Executive Summary
B) Trend Report
C) Compliance Report
D) Scan Export
ANSWER : B
Explanation: Trend reports track vulnerabilities and their severity over time,
helping organizations understand remediation progress.
10. Which Tenable.io asset attribute can be used to group hosts for
scanning?
A) Operating System
B) IP Address
C) Asset Tags
D) Plugin ID
ANSWER : C
Explanation: Asset tags are labels assigned to hosts to organize them into
logical groups for scanning and reporting.
, 11. Which scan template is ideal for detecting missing patches and
vulnerabilities on all assets?
A) Basic Network Scan
B) Advanced Scan
C) Credentialed Patch Audit
D) Discovery Scan
ANSWER : C
Explanation: Credentialed Patch Audit scans use system credentials to detect
missing patches and verify installed software.
12. What is the purpose of a “plugin” in Tenable.io/Nessus?
A) To block malicious traffic
B) To detect specific vulnerabilities
C) To monitor network bandwidth
D) To install software updates
ANSWER : B
Explanation: Plugins are scripts that check systems for specific vulnerabilities,
misconfigurations, or compliance issues.
13. Which Tenable.io report type is used to demonstrate regulatory
compliance?
A) Executive Summary
B) Compliance Report
C) Trend Report
D) Raw Data Export
ANSWER : B
Explanation: Compliance reports are tailored to standards such as PCI-DSS,
HIPAA, or CIS benchmarks to show adherence.
14. Which method is used to reduce scan impact on production systems?
A) Use credentialed scanning
B) Use a high-intensity scan profile
C) Scan during peak business hours
D) Disable logging
