Nexpose Certified Administrator

Lab Guide

Version 18.8

DISCLAIMER: Unless otherwise indicated, this lab guide and its design, text, content, selection and arrangement of elements, organization, graphics,
design, compilation, digital conversion and other matters related to this document are protected under applicable copyrights, trademarks and other
proprietary (including, but not limited to, intellectual property) rights and are the property of Rapid7 LLC or the material is included with the permission of
the rights owner and is protected pursuant to copyright and trademark laws. ALL RIGHTS RESERVED. If you have any questions about the use of this
material, please contact [email protected].

Version 18.8
Understanding this Document
To better understand the Rapid 7 Lab Guide instructions, please note the following:

This font style is instructional and provides direction in the lab.

Any text entered in a bold font indicates that you will be clicking on a button, menu, drop down or item.

(Any text entered in italics inside parenthesis are considered special instructions, tips, or best practices that may not be specific
instructions.)

Any text entered in this underlined Courier font indicates that you will be typing the text into a form, field, or command line interface.

‘Any text entered in italics inside a single quote indicates that the student should be looking for this item, section, or heading to continue
the exercise steps.’

Asset IP
Nexpose Console 192.168.1.101
Engine Install 192.168.1.102
Win7 Target 192.168.1.103
Metasploitable2 192.168.1.104

Version 18.8
 Table of Contents

Understanding this Document............................................................................................................................ 2

Table of Contents .............................................................................................................................................. 3
Lab 1: Create a Custom Scan Template ............................................................................................................ 4
Lab 2: Creating Static Sites/Launching a Scan .................................................................................................. 5
Lab 3: Asset Groups .......................................................................................................................................... 6
Task 1: Create a Static Asset Group .............................................................................................................. 6
Task 2: Create a Dynamic Asset Group ......................................................................................................... 6
Lab 4: Real Context ........................................................................................................................................... 7
Task 1: Tag an Individual Asset ..................................................................................................................... 7
Task 2: Tag Assets in a Site........................................................................................................................... 7
Task 3: Tag Assets in a Static Asset Group ................................................................................................... 7
Lab 5: Automated Actions.................................................................................................................................. 8
Lab 6: Create/Manage Users ............................................................................................................................. 9
Task 1: Update Password Policy .................................................................................................................... 9
Task 2: Create a New User ............................................................................................................................ 9
Lab 7: Pairing the Console to an Engine .......................................................................................................... 10
Task 1: Get the Shared Secret .................................................................................................................... 10
Task 2: Install and Pair the Engine ............................................................................................................... 10
Lab 8: Credential Management and Policy Scanning ....................................................................................... 12
Task 1: Site Specific Credentials - Windows Credentials ............................................................................. 12
Task 2: Shared Credentials - SSH Credentials............................................................................................. 12
Lab 9: Exception Handling ............................................................................................................................... 13
Task 1: Submit an Exception........................................................................................................................ 13
Task 2: Approve/Reject an Exception Submission ....................................................................................... 13
Troubleshooting Challenge ............................................................................................................................. 14
Lab 10: Risk Score ......................................................................................................................................... 15
Task 1: Risk Score Adjustment .................................................................................................................... 15
Task 2: Change the Risk Strategy ................................................................................................................ 15
Lab 11: Manage Reports ................................................................................................................................. 16
Task 1: Create a Report Template (Document) ............................................................................................ 16
Task 2: Create a Report Document Report .................................................................................................. 16
Appendix A: Practice Exam ............................................................................................................................ 18
Appendix B: Versioning .................................................................................................................................. 21

Version 18.8
Lab 1: Create a Custom Scan Template
(Open the Nexpose Console, open your Firefox Browser, and click on Nexpose in the Bookmark toolbar if
necessary, login with user1: password1)

1. From the console, select Administration from the left menu.

2. On the Scan Options | Templates section select manage.
3. Locate the ‘Full audit’ scan template. Click the Copy icon in this row.
4. Change the name of the template to ‘Full Audit with Modifications’.
5. Clear the current description and enter some text as the new description.
6. Configure your template with the following parameters: (Note: Clicking any of the individual sections on
the left menu will navigate through the various template sections.) For any sections not mentioned,
leave the default settings.
a. General
i. Change the number of simultaneous assets per Scan Engine from 10 to 15.
ii. Best Practice: Check Enhanced Logging
iii. Uncheck Web Spidering
b. Asset Discovery
i. Discover assets with only ICMP, ARP and TCP protocols.
ii. Uncheck UDP packet discovery.
iii. Check – ‘Do not treat TCP reset responses as live assets’.
iv. Add ports 515, 631 and 9100 in the Send TCP Packets.
c. Service Discovery
i. Discover services on all TCP ports.
ii. Discover service on well-known UDP ports.
d. Policy Manager
a) Expand the CIS Section.
b) Enable the Policy CIS Ubuntu 16.04 LTS Server Benchmark Level One-
Server v1.0.0
7. Save the template by clicking the Save button in the upper right area.

Notes: Though you have the ability to create new templates from scratch by selecting the ‘New Scan
Template’ button, you rarely should have to do this. It is advised that you copy an existing template that
closely achieves your scanning objectives by selecting the icon in the column labeled ‘Copy’.

Version 18.8
Lab 2: Creating Static Sites/Launching a Scan
1. From the console, select the Home link on the left menu to get to the Nexpose Dashboard.
2. Under the Sites section click on the Create Site button.
3. Configure the site with the following parameters: Note: Clicking the individual sections at the top (Info &
Security, Assets, etc.) will navigate through the various configuration sections. Each section may have
multiple configuration pages. You can navigate these using the top navigation
a. Info & Security
i. Name the Site ‘US Central Site’. Allow Sally User access to this site.
b. Assets
i. In the include section, enter the range ‘192.168.1.0/24’.
ii. Add ‘192.168.1.1’ to the Exclude list.
c. Templates
i. Select the scan template Full audit enhanced logging- No Web Spider.
d. Engines
i. Select local scan engine.
e. Alerts
i. Create an email alert to ‘[email protected]’ from ‘[email protected]’.
ii. The alert should only occur only if the scan fails. Maximum Alerts to Send: 5
iii. Include the new alert name “US Central Site Failure”
iv. Add the SMTP relay server IP address as: 192.168.1.102
v. You must click SAVE in this dialog box, as it will not save when you go to the next tab.
f. Schedule
i. Click Create Schedule
ii. Enter ‘Start date and time’ to 9pm Pacific on the 10th of next month
iii. Set the Maximum scan duration to 3 hours 30 minutes and Set the Repeat scan every to
every month on the 10th
iv. Set the ‘If a scan reaches the maximum duration’ to ‘continue the scan where it
previously stopped’ Click Save to commit your new schedule.
g. Blackout
i. Click Create Blackout on the left menu.
ii. Enable a blackout that starts on the next Friday from 1-4 am Eastern and repeats
continues every Friday. Click Save to create the new blackout.
4. Click on Save and Scan in the upper right to save your site configuration and start a scan. You may
get a UAC popup asking “Are you sure you want to Save and Scan?” Click Save & Scan.
5. Monitor status of the scan. This should refresh every few seconds.

Version 18.8
Lab 3: Asset Groups
Task 1: Create a Static Asset Group

1. Click the Create button in the top menu, select Asset Group
2. Change the Asset Filter criteria to OS contains Linux.
3. Click the + to add another filter.
4. Create a second filter Host Type contains Virtual Machine
5. Click the Search button.
6. Scroll down to verify you have matching assets.
7. Leave type as Static.
8. Name the new asset group ‘Virtual Linux ’.
9. Enter a brief description
10. Click Save.
11. Verify the new asset group is displayed in the asset group listing, and that it is static.

Task 2: Create a Dynamic Asset Group

1. Click the Create button in the top menu, select Dynamic Asset Group.
2. Create a filter with the following criteria:
a. OS contains Windows
b. Vulnerability Title contains SMB
3. Click Search
4. After the search returns results, select create asset group
5. Name the asset group ‘Windows SMB Vulnerabilities’.
6. Enter the name and brief description.
7. Click Save
8. Go to the Nexpose Home page and locate Windows SMB Vulnerabilities. Select the new asset group
to view the assigned assets. (The new asset group may be located on the 2nd page.)
9. Verify the assets displayed in step 8 are included in the asset group.
This group will change over time. New Assets that meet the criteria (from step 3) will be added to the
group with each scan.

Bonus questions:

Which assets currently have DoS Vulnerabilities?

Version 18.8
Lab 4: Real Context
Task 1: Tag an Individual Asset
1. Search for an asset using the search (magnify glass) icon in upper right with IP Address 192.168.x.x by
entering the string ‘192.168’
2. Click on the IP address 192.168.1.102. If you did not complete the scan in Lab 2, you will not see this asset.
3. From the right side of the page, under User-added Tags, click Add Tags.
4. Click on the Criticality tab
5. Select Very High from the Tab Name dropdown menu, then click Add.
6. Click on the Locations tab
7. In the Tag Name field, type ‘Metasploit Pro’ and click Add.
8. Still in the Locations tag, type ‘Boston’ in the Tag Name field and click Add.
9. Select Custom Tags and enter ‘Rapid7’, select a tag color, and click Add.
10. Verify that the tags for Criticality and Location have been added. These are viewable in the User-
added section of the asset view.

Task 2: Tag Assets in a Site

1. From the Nexpose Home Page, scroll down to the Sites section, locate ‘US Central Site’ we created
earlier in Lab 2. Do not click on the site name.
2. Click on the Edit (pencil) icon in the row with ‘US Central Site’.
3. From the ‘Info & Security’ page, User-added Tags section, select Add Tags.
4. In the Custom Tags, enter a new Tag Name ‘Custom Network’. Select a Tag Color if desired.
5. Click Add.
6. Click the Save button in the upper right corner to save the site.
7. Verify that assets in the site inherit the new tag Custom Network.

Task 3: Tag Assets in a Static Asset Group

1. Click on the Home icon.
2. At the bottom of the Asset Groups section, open the Virtual Linux asset group.
3. Click Edit Asset Group.
4. Go back to the General Section.
5. Click the + icon to add tags.
6. Add a Criticality tag of ‘Very High’ to the asset group.
7. Click Save to finished creating the asset group.

Version 18.8
Lab 5: Automated Actions
1. Click the Automated Actions icon in the left menu.
2. Click the New Action button. This is the circle with the + inside.
3. Select New vulnerability coverage available as the trigger.
4. In the Filter By drop-down list select CVSS score.
5. Choose the modifier ‘is Higher than’.
6. Enter a minimum value of 7.4.
7. Click Next.
8. Select an action from the drop-down list. With new vulnerabilities, the only available action is scan for
new vulnerabilities.
9. Select site US Central Site to scan for the new vulnerabilities.
10. Click Next.
11. Enter the name to ‘CVSS Critical, scan US Central Site’.
12. Click Save Action.
13. Close the Automated Actions window by clicking the X in the upper right.

Version 18.8
Lab 6: Create/Manage Users
Task 1: Update Password Policy
1. From the console, select Administration from the left menu
2. Under the ‘Users’ section, select Manage under Password Policy
3. Update the policy to include the following:
a. Expires every 90 days
b. Must be at least 8 characters’ long
c. Must include at least 1 capitalized letter, 1 symbol (special characters), and 1 number
4. Click Save to update the password policy

Task 2: Create a New User

1. From the console, select Administration from the left menu
2. Under the Users section, select Create.
3. Enter the following under the General screen:
a. Enter the User name: jdoe
b. Full Name: John Doe
c. Enter the password: Rapid7!!
d. Confirm password: Rapid7!!
4. Select Roles from the left-hand navigation
5. Change the Role a few times using the dropdown menu. Observe that the permissions change
(highlighted in blue) as the role changes.
6. After changing a few times, select Custom. Make note of which permissions are selected (highlighted).
Also observe that the permissions can be changed when the Custom role is selected.
7. Change to role to User.
8. Select Site Access from the left-hand navigation.
9. Select the Select sites button and choose the Global: Corporate and US Central Site sites.
10. Select Asset Group Access from the left-hand navigation.
11. Select the Select Groups button and choose the Ubuntu with SSH group.
12. Save the newly created user by selecting the Save button.
13. Optional: Logout of Nexpose and log back in as John Doe.
14. Observe what which Sites and Asset Groups in which user John Doe has access.
15. Logout as John Doe and log back in as user1.

End of Day One

Version 18.8
Lab 7: Pairing the Console to an Engine
Note: Linux commands are case sensitive.
Task 1: Get the Shared Secret

1. From the console, select Administration from the left menu, then Manage under the Engines section.
2. Generate a scan engine share secret at the bottom of the page.

3. Write down the shared secret on paper or take a “snip” of the file.

Note: You will be required to manually enter the shared secret in the next task. You cannot copy paste
from one VM to another.

Task 2: Install and Pair the Engine

1. Switch to the ‘Engine Install’ Machine. The user name AND password is ‘rapid7’.

2. Click on the Terminal shortcut in the left side menu bar. This will open a command prompt window.

3. Type ‘sudo –i’ and press the Enter key to start an interactive shell session as root. When prompted,
enter the root password, ‘rapid7’.

4. Change to the desktop directory by typing ‘cd /home/rapid7/Desktop’ and then press the Enter key.

5. Issue the list command ‘ls’ to display the files in this directory. The Nexpose install file (/Rapid7Setup-
Linux64.bin) should be listed as one of the files.

6. Change the properties of the Nexpose install file to allow execution of the binary. Type

‘chmod +x ./Rapid7Setup-Linux64.bin’, then press the Enter key.

Note: There is no success message but if you ‘ls’ again, the file will be green. The command prompt
displays again.

7. Type ‘./Rapid7Setup-Linux64.bin’ to run the installer. This will launch the install wizard.

8. Click Next at the Welcome Screen.

9. Scroll through the license agreement and select I accept the agreement. Click Next.
10. Ensure you select the option for Nexpose Scan Engine Only.
11. Leave the communication direction set to Engine to Console, Click Next
12. This screen will check system requirements. Click Next.
13. Enter a First Name, Last Name, and Company, then Next.
14. Review, confirm Scan Engine ONLY, then click Next to confirm installation selections.
15. The installation will begin here.

Version 18.8
 16. After installation, pair with the console, enter the Console Address ‘192.168.1.101’.
17. Leave the default port 40815
18. Enter the shared secret collected during task 1. Click the Test button.
19. You should see a green check mark in status. If not, please review shared secret entry.
20. Click Next and Finish.
21. Check the service by typing: ‘service nexposeengine status’ in the existing terminal .
22. Return to the Nexpose Console VM.

23. From the console, select Administration from the left menu, then Manage under the Engines section.
24. Verify that the new scan engine exists.
Note: This can take 5-15 minutes for the initial connection to establish between the Engine and
Console. Continue to refresh the page until the engine appears.

Version 18.8
Lab 8: Credential Management and Policy Scanning

Task 1: Site Specific Credentials - Windows Credentials

1. From the Home Page, Open the US Central site.

2. Click Manage Site.
3. Click on the Authentication Tab and add a new Credential.
4. Name the new credential ‘Windows’.
5. Enter a description.
6. Select Account on the left-hand navigation.
7. Select Microsoft Windows/Samba (SMB/CIFS) from the dropdown list.
8. For the username, enter ‘toor’. For the password, enter ‘rapid7’.
9. Expand the Test Credentials section.
10. In the hostname field enter ‘192.168.1.103’. Leave the Port blank.
11. Click on the Test Credentials button.
12. Wait for the ‘Authentication succeeded’ message.
13. If authentication fails, double check the username and re-enter the password.
14. Click Create at the bottom of the page.

Task 2: Shared Credentials - SSH Credentials

1. From the console, select Administration from the left menu.
2. Under the Scan Options | Shared Credentials section of the Administration page, select create.
3. Name the new credential ‘Ubuntu Policy Scanning’’.
4. Click on Account on the left-hand navigation.
5. Select Secure Shell (SSH) from the Service dropdown list
6. For the username, enter ‘rapid7’. For the passwords, enter ‘rapid7’.
7. Expand Permission Elevation, choose sudo as elevation type.
8. For the username, enter ‘rapid7’. For the passwords, enter ‘rapid7’.
9. Under Site Assignment, choose ‘Assign these credentials to all current and future sites.’
10. Click Save. There is no need to Test Credentials. You have used them already.
11. Navigate to the Home page and open the US Central Site, under Manage Site make sure that the new
credential appears under Authentication.
12. Click Save and Scan in the upper right-hand corner. When the scan completes, we will be able to do a
Baseline Comparison report.

Version 18.8
Lab 9: Exception Handling
Task 1: Submit an Exception
1. Click on the Home icon. Make mental note of the cumulative risk score in your console.
2. Select Global: Corporate site.
3. From within the site, select an asset with multiple vulnerabilities (instances).
4. Click on any asset to open and scroll down to the vulnerabilities.
5. Choose any vulnerability and click on Exclude in the far right-hand column.
6. In the vulnerability exception window, under the Scope form field, select All Instances on this Asset.
7. Under Reason for field, select Acceptable Risk.
8. In the comments field, enter ‘This vulnerability cannot be remediated due to a business requirement’.
9. Click on the Submit button.
10. Observe the icon and text in the Exceptions column changed from ‘Exclude’ to ‘Under Review’

Task 2: Approve/Reject an Exception Submission

1. From the console, select Administration from the left menu.
2. Under the Exceptions and Overrides section, select Review.
3. Notice the recently submitted exception with the status ‘Under Review’.
4. Click on Under Review.
5. Enter comments in the ‘Reviewer’s Comments’ field.
6. Set an expiration date of six months from today.
7. Select Approve.
8. Observe that the Review status has changed to “Approved by user1’.
9. Navigate to the vulnerability page and observe the vulnerability is no longer listed in the ‘Vulnerabilities’.
10. Click on the Home icon. Note how the cumulative risk score decreased.

Version 18.8
Troubleshooting Challenge –

Answer the following questions about this environment.

Q: What version is this product?

Q: What is the command to update the console via CLI (command line interface)?

Q: What is the command to see the details of the console/host?

Q: What is the default length time to keep scan information?

Q: Where would you find the logs for the past history scans?

Q: Is asset linking turned on?

Q: What is the default modification value of a high criticality tag?

Q: Run the diagnose tool. What OS are you on?

Q: Can you check for updates upon startup? Where do you make sure those are turned on?

Q: Where would you start a backup and/or restore?

Version 18.8
Lab 10: Risk Score
Task 1: Risk Score Adjustment

1. From the console, select Administration from the left menu.

2. From the Global and Console Settings | Global section of the Administration Page, select Manage.
3. Select the Risk Score Adjustment configuration page from the left-hand navigation.
4. Check the box next to Adjust asset risk scores based on criticality.
5. Make note the Risk Score Modifier values.
6. Click Save.
7. Click on the Home icon.
8. Scroll down to the Asset Tags section
9. Locate the Criticality assets tags.
10. Select a tag (beside medium) that has tagged assets associated with it.
11. Click on an asset with a Criticality tag applied.
12. Observe the Original risk score and the Context-Driven risk score with the modifier applied.

Task 2: Change the Risk Strategy

1. From the console, select Administration from the left menu.

2. From the Global and Console Settings | Global section of the Administration Page, select Manage.
3. Change the Risk Strategy from Real Risk to Temporal.
4. Change the Historical data to recalculate the Entire history.
5. Click Save.

Version 18.8
Lab 11: Manage Reports
Task 1: Create a Report Template (Document)
1. From the console, select Reports from the left menu.
2. Select Manage report templates.
3. Click the New button to create a new report template.
4. Enter the name ‘1 Document Report Template’.
5. Enter a brief description.
6. For the Template Type, keep the default selection of ‘Document (PDF, HTML, RTF)’.
7. Leave the Vulnerability Details setting as ‘Complete’.
8. Under Preferences, select Display Asset Names and IP Addresses.
9. In the ‘Select sections to include in the template’ section, select the following report sections by
selecting the specific section name, then click the Add button:
a. Cover Page
b. Table of Contents
c. Executive Summary
d. Baseline Comparison (using the two scans we have completed on Day One and Day Two)
e. Discovered Vulnerabilities
f. Vulnerability Exceptions
10. Click Save.
Note: with the selection of ‘Cover Page’, ‘Baseline Comparison’, and ‘Executive Summary’ sections,
options at the bottom of the page appear for each section.

Task 2: Create a Report Document Report

1. From the console, select Reports from the left menu.
2. Select Create a report.
3. Name the New Report ‘Training1’.
4. From the Scan Template Thumbnails, find and select the template named Document Report
Template. (From Task 1)
5. Select the File Format as HTML.
6. Under ‘Scope’, select the + icon for ‘Select Sites, Assets, Asset Groups or Tags’.
a. On the ‘Select Report Scope’ screen, select two sites to include in the report.
b. Click Done to return to the main ‘Create a Report’ screen page.
7. Under Frequency, configure the report to run on the 1st of every month (at 12:01 am) by selecting Run
a recurring report on a schedule.

Version 18.8
 8. Click on the Configure Advanced Settings hyperlink.
9. Expand the Access Section
a. Under the Report Viewer List, Click Add users.
b. Select John Doe user created in previous lab.
c. Click Done.
10. Expand the Distribution Section
a. Select the checkbox for Send to users on a report access list
b. For the ‘Attach report file as’ option, select File
c. Click Save the report
11. On the View Reports tab, mouse over ‘Training1’. (You may have to navigate to another page on the
report list).
12. Click on the dropdown menu to the left of the report name and select Run
13. Once the report is complete, view the report by clicking on the report name Training1.

Version 18.8
Appendix A: Practice Exam
THIS IS FOR REVIEW AFTER THE COURSE IS COMPLETED. PLEASE STOP HERE FOR NOW.

Nexpose Certified Administrator Answer Key

1. What permissions listed allow a user to view vulnerability data for a site named ‘HQ’? (Select all that
apply)
a. A role that allows View Site Asset Data and access to the ‘HQ’ site
b. A role that allows View Group Asset Data and access to the ‘HQ’ site
c. Everyone can see vulnerability findings if they have access to the site ‘HQ’
d. Global Administrator access
e. None of the above

2. Why is it recommended to use valid credentials for vulnerability scans?

a. To obtain maximum accuracy and visibility into vulnerability findings.
b. To confirm the NSC users identify before scanning
c. To ensure a secure session between the NSE and the host(s)
d. For logging and accountability purposes

3. When sending your diagnostic information to support.rapid7.com you are doing it over a TLS-encrypted
session over port 443.
a. True
b. False

4. The default risk model for Nexpose is ________________.

a. Weighted risk
b. Real risk
c. Temporal risk
d. PCI ASV 2.0 Risk

5. To edit a built-in scan template you would:

a. Edit the template directly
b. Delete and re-create the template
c. Copy and paste the template into a new site
d. Copy the template, make changes, and save as a new template, leaving the old as-is

6. If the error message "Not enough memory to complete scan" occurs during a scan, which of the
following actions should be considered?
a. Run fewer simultaneous scans
b. Lower the number of scan threads allocated by your scan template
c. Power off the console
d. Both A and B
e. Both A and C

Version 18.8
 7. What is the minimum system RAM requirement (in GB) for Nexpose console installations?
a. 32 GB
b. 4 GB
c. 16 GB
d. 12 GB
e. 8 GB

8. Which of the following report data export formats can Nexpose output?
a. CSV Export
b. XML Export
c. Database Export
d. CyberScope XML Export
e. All of the above

9. You have configured a scan for a class C network with the asset scope of 192.168.1.0/24, used the
built in scan template named ‘Full Audit’, and enabled syslog alerts to your SIEM at 10.1.4.2. You have
scheduled the scan to run monthly. Your scan has completed as scheduled, but your Policy Evaluation
report has no data. What is the likely cause?
a. The Full Audit template does not include Policy checks.
b. The Syslog alerts are not being delivered correctly.
c. The scan has likely failed.
d. You have input the scope incorrectly.

10. What URL would you use if trying to reach a remote Nexpose install on another server?
a. http://servername/nsc:3780
b. https://localhost:3780
c. https://serverIPaddress:3780
d. https://serverIPaddress:40814

11. You have a single dual-processor Nexpose console with 8GB of RAM. You currently have no additional
scan engines installed. You are attempting to scan 12 class C networks. Your scans seem to be failing
and you are seeing ‘out of memory’ errors entries in the console log. What is the BEST course action
that you should take to resolve the issue?
a. Increase the console's RAM.
b. Deploy Remote Scan Engines and offload scans from the console.
c. Increase available memory by stopping unnecessary services.
d. Spread your scans over a longer period.

12. Specify the devices to which you can apply custom tags: (Select all that apply)
a. An individual asset
b. Asset groups
c. Sites
d. Reports
e. Scan templates

Version 18.8
 13. Performing a filtered asset search is the first step in creating what type of asset groups? (select all that
apply)
a. Full
b. Asset
c. Dynamic
d. Site

14. Which of the following is a factor in the determination of vulnerability severity levels?
a. Temporal Scores
b. CVSS Scores
c. Weighted Scores
d. SANS Vulnerability Scores

15. Match the following log names to the proper description:

File Name Description

1. access.log a. scan engine system and application level events
2. auth.log b. memory-intensive operations, such as scanning and
reporting
3. nsc.log c. resources that are being accessed such as pages in the
Web interface
4. nse.log d. maintenance mode activity
5. mem.log e. logon or logoff, authentication failures, account lockouts

1 = c, 2 = e, 3 = d, 4 = a, 5 = b

Version 18.8
Appendix B: Versioning

Version Updates
18.4.1 Updated logo
IP addressing correction
18.4.2 Updated supported OS to include Windows Server 2016
Updated RESTful to v3
18.5.0 Lab updated to 6.5.17
Updated/Corrected IP addresses
Added Troubleshooting Challenge per TechSupport
18.6.0 Rearrange Lab 9
18.7.0 Updated Screenshot Lab 7
18.8.0 Updated LabGuide

Version 18.8