14.2.4 Practice exam

Your page rank:

Total word count: 479
Pages: 2

Calculate the Price

- -
275 words
Looking for Expert Opinion?
Let us have a look at your work and suggest how to improve it!
Get a Consultant

You have decided to perform a double blind penetration test. Which of the following actions would you perform first?

Inform senior management

Which of the following activities are typically associated with penetration testing? (select two)

Attempting social engineering Running a port scanner

Which of the following types of penetration test teams will provide you information that is most revealing of a real-world hacker attack?

Zero knowledge team

A security administrator is conducting a penetration test on a network. She connects a notebook system running Linux to a wireless network and then uses NMAP to probe various network hosts to see which operating system they are running.
Which process did the administrator use in the penetration test in this scenario?

Active fingerprinting

A security administrator is conducting a penetration test on a network. She connects a notebook system to a mirror port on a network switch. She then uses a packet sniffer to monitor network traffic to try and determine which operating systems are running on network hosts.
Which process did the administrator use in the penetration test in this scenario?

Passive fingerprinting

Drag each penetration test characteristic on the left to the appropriate penetration test name on the right.

White box test The tester has detailed information about the target system prior to starting the test. Grey Box test The tester has the same about of information that would be available to a typical insider in the organization. Black box test The tester has no prior knowledge of the target system. Single blind test Either the attacker has prior knowledge about the target system, or the administrator knows that the test is being performed. Double blind test The tester does not have prior information about the system and the administrator has no knowledge that the test is being performed

Match each network enumeration technique on the left with its corresponding description on the fish.

Identifying phone number with modems War dialing Scanning for wireless access points Wardriving Identifying operating system type and version number Banner grabbing Identifying services that can pass through a firewall Firewalking

What is the main difference between vulnerability scanning and penetration testing?

Vulnerability scanning is performed within the security perimeter; penetration testing is performed outside of the security perimeter.

Which of the following is included in an operations penetration test? (select three)

1. Looking through discarded papers or media for sensitive information 2.Eavesdropping or obtaining sensitive information from items that are not properly stored 3.Acting as an imposter with the intent to gain access or information

Which phase or step of security assessment is a passive activity

Reconnaissance

What is the primary purpose of penetration testing?

Test the effectiveness of your security perimeter

Which of the following identifies an operating system or network service based upon it response to ICMP messages?

Fingerprinting

Which of the following uses hacking techniques to proactively discover internal vulnerabilities?

Penetration testing

Share This
Flashcard

More flashcards like this

NCLEX 10000 Integumentary Disorders

When assessing a client with partial-thickness burns over 60% of the body, which finding should the nurse report immediately? a) ...

Read more

NCLEX 300-NEURO

A client with amyotrophic lateral sclerosis (ALS) tells the nurse, "Sometimes I feel so frustrated. I can’t do anything without ...

Read more

NASM Flashcards

Which of the following is the process of getting oxygen from the environment to the tissues of the body? Diffusion ...

Read more

Unfinished tasks keep piling up?

Let us complete them for you. Quickly and professionally.

Check Price

Successful message
sending