100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
Solutions for CompTIA Pentest+ Guide To Penetration Testing, 1st Edition by Wilson (All Chapters included) $29.49   Add to cart

Exam (elaborations)

Solutions for CompTIA Pentest+ Guide To Penetration Testing, 1st Edition by Wilson (All Chapters included)

 7 views  0 purchase
  • Course
  • CompTIA
  • Institution
  • CompTIA

Complete Solutions Manual for CompTIA Pentest+ Guide To Penetration Testing, 1st Edition by Rob S. Wilson ; ISBN13: 9780357950654......(Full Chapters included Chapter 1 to 14)...1. Introduction to Penetration Testing. 2. Setting Up a Penetration Testing Lab. 3. Planning and Scoping. 4. Informati...

[Show more]

Preview 4 out of 144  pages

  • October 5, 2024
  • 144
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
  • CompTIA
  • CompTIA
avatar-seller
mizhouubcca
CompTIA Pentest+ Guide To
Penetration Testing, 1st Edition by
Rob S. Wilson




Complete Chapter Solutions Manual
are included (Ch 1 to 14)




** Immediate Download
** Swift Response
** All Chapters included
** Practice Labs Answer File

,Table of Contents are given below

1. Introduction to Penetration Testing.
2. Setting Up a Penetration Testing Lab.

3. Planning and Scoping.

4. Information Gathering.
5. Performing Vulnerability Scanning.

6. Exploitation Methods and Tools.

7. Network Attacks and Attack Vectors.

8. Wireless and Specialized Systems Attack Vectors and

Attacks.

9. Application-Based Attack Vectors and Attacks.
10. Host Attack Vectors and Cloud Technologies Attacks.

11. Social Engineering and Physical Attacks.
12. Reporting and Communication.
13. Writing and Understanding Code.

14. The Final Penetration Testing Project.

,Solution and Answer Guide
WILSON, PENT EST+: GUIDE TO PENETRATION T ESTING 2024, 9780357950654; MODULE 01:
INTRODUCTION TO PENETRATION TESTING


TABLE OF CONTENTS
Review Questions ........................................................................................................................................ 1
Activities ...................................................................................................................................................... 5
Case Projects ............................................................................................................................................... 5




REVIEW QUESTIONS

1. What are two other terms for penetration testing?
a. Vulnerability testing
b. Pen testing
c. Ethical hacking
d. Blue teaming

Answer: b, c

Penetration testing is also known as pen testing or ethical hacking and is an authorized series of
security-related, non-malicious “attacks” on targets such as computing devices, applications, or an
organization’s physical resources and personnel.

2. The purpose of pen testing is to discover vulnerabilities in targets so that these vulnerabilities can be
eliminated or mitigated.
a. True
b. False

Answer: a

The purpose of pen testing is to discover vulnerabilities in targets so that the vulnerabilities can be
eliminated or mitigated before a threat actor with malicious intent exploits them to cause damage to
systems, data, and the organization that owns them.

3. Pen testing should be performed under which of the following circumstances? Choose all that apply.
a. A new computer system has been installed.
b. A new software system or an update to a software system has been installed.
c. Following a regular schedule to make sure no unknown changes have impacted security.
d. Performed as dictated by compliance standards such as PCI DSS.


Answer: a, b, c, d

Pen testing should be performed as a regular practice, to meet compliance standards, and after a major
change in a computing environment, such as the installation of a new computer system, application, or
update.



1

, 4. Which of the following are possible targets for penetration testing?
a. Web application.
b. Computer.
c. Staff.
d. All of these are correct.


Answer: d

Web applications and other software, computers and related systems, and staff or other personnel can
be targets for penetration testing.

5. The targets under test and the actions that a pen tester is allowed to perform need to be well-defined,
documented, and agreed upon by all parties before pen testing begins. True or false?
a. True
b. False


Answer: a

Because pen-testing activities are the same as illegal hacking activities, though with different goals, the
pen-testing targets and actions must be well-defined, documented, and agreed upon by all parties
before pen testing begins.

6. Use your favorite search engine to research bug bounties. Find three different bug bounties that were paid,
and in a one-page report, summarize these bounties. Make sure to include the vulnerability details, the
organization that paid the bounty, and how much they paid.

Answers will vary, but a good report will follow the instructions and have exactly three bug bounty
examples. It will also describe the vulnerability details, the organization that paid the bounty, and the
amount.

7. The CIA triad expresses how the cornerstones of confidentiality, integrity, and accessibility are linked
together to provide security for computer systems and their data.
a. True
b. False

Answer: a

In the CIA triad, confidentiality of information dictates that an object should only be accessible to
authorized entities. Integrity of information or systems ensures that an object has not been corrupted or
destroyed by unauthorized entities. Availability requires that objects and services must be accessible to
authorized entities when needed and should not be made unavailable by threat actors or system
failures.

8. Which triad is the antithesis of the CIA triad?
a. BAD
b. SAD
c. ADD
d. DAD


Answer: d

The DAD (disclosure, alteration, destruction) triad is the antithesis of the CIA triad because it
expresses the goals of disclosing confidential information, altering or corrupting the integrity of
information, and destroying or denying the availability of access to resources.


2

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller mizhouubcca. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $29.49. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

67096 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$29.49
  • (0)
  Add to cart