SOLUTIONS 2025 GRADED A+
✔✔IPS - ✔✔Intrusion prevention system. Instead of just alerting on a threat, an IPS also
blocks it. Ex. of vendors: Cisco Firepower (Sourcefire), Security Onion, Dell iSensor,
Snort (open source), many firewalls
✔✔Operating Systems - ✔✔Allow software to work with hardware. Ex: Windows (XP,
98, Vista), Mac (OS), Linux - open source technology (Red Hat, Ubuntu)
✔✔Directory - ✔✔A service that would allow us to have all records about our
employees, their job functions and needed access in our place. Ex: Microsoft Active
Directory, Samba, UCS, Zentyal, FreeIPA, JumpCloud, etc.
✔✔Anti-virus solutions - ✔✔Live on endpoints (workstations and servers) to detect and
block known malware and viruses. Anti-virus solutions are only effective for blocking
known malware (commodity malware), and require the list of malicious signatures to
be upgraded regularly. Common: Symantec, Sophos, Kaspersky, Cylance, Avast, ESET
✔✔Endpoint Detection and Response - ✔✔EDR solutions live on endpoints, but instead
of looking at signatures, they use complex analytics to detect previously unknown
malware and the presence of attacker behaviors. Common: Carbon Black Response,
Cybereason, CrowdStrike
✔✔InsightVM - ✔✔Live, cloud-based vulnerability management solution for the modern
network
✔✔Nexpose - ✔✔On-prem vulnerability management
✔✔Managed vulnerability management - ✔✔Our managed vulnerability management
program built on a backbone of our technology
✔✔InsightVM value prop - ✔✔Identify, prioritize and manage vulnerabilities all the way
through remediation
✔✔InsightVM 3 keys - ✔✔Collect, prioritize, remediate
✔✔Collect - data across your ecosystem - automatically collect, monitor, and analyze
your network for new and existing risk. - ✔✔Continuously identify and assess risk
across your cloud, virtual, remote, local, and containerized infrastructure
✔✔Prioritize - using attacker analytics - move beyond CVSS-only methods to help you
focus on the vulnerabilities that matter most - ✔✔leverage unparalleled attacker