D332 -Penetration Testing and Vulnerability
Analysis - Actual Exam with Questions and
Answers| Latest Update | Verified Answers
What is a MSA? - ✔✔The Master Service Agreement (MSA): a contract that establishes
guidelines for any business documents that are executed between two parties.
- used to cover recurring costs and any unforeseen additional charges that may occur during a
project without the need for an additional contract.
Project scope and a definition of the work that is to be completed
Compensation specifics that include invoicing and any reports required when submitted
Requirements for any permits, licensing, or certifications
Safety guidelines and environmental concerns
Insurances such as general and liability.
What is a SOW? - ✔✔Statement of Work (SOW) is a document that defines the expectations
for a specific business arrangement. It typically includes a list of deliverables, responsibilities of
both parties, payment milestones, schedules, and other terms. provides the details on the work
that the client has agreed to pay. As a result, it has a direct impact on team activities. It also can
be used by the PenTest team to charge for out-of-scope requests
What is an SLA? - ✔✔service-level agreement (SLA) is a contract that outlines the detailed
terms under which a service is provided, including reasons the contract may be terminated.
The document will lay out the metrics by which that service is measured, and the remedies or
penalties, if any, should the agreed-on service levels not be achieved.
,In addition, there may be terms for security access controls and risk assessments, along with
processing requirements for confidential and private data.
Describe the following DNS records: MX, NS, TXT, SRV - ✔✔Mail Exchange (MX) record
provides the mail server that accepts email messages for a particular domain.
Nameserver (NS) record lists the authoritative DNS server for a particular domain.
Text (TXT) record provides information about a resource such as a server or network in human
readable form.
Service (SRV) record provides host and port information on services such as voice over IP (VoIP)
and instant messaging (IM).
Describe hslookup and Dig - ✔✔Nslookup is a command-line tool used in either a Windows
or Linux operating system (OS) that can be used to query a domain and specify various record
types.
Dig is a utility widely used on a Linux OS that can perform reverse lookups to match an IP
address to a domain name.
Explain the highlights of the ollowing source code repositories: GitHub, Bitbucket, CloudForge,
Sourceorge - ✔✔GitHub: location agnostic, free for basic users, reasonable fee for enterprise
Bitbucket: inline comments, secured workflow, free for small teams
,What are Some of the sites that offer reverse image search? - ✔✔TinEye
Google
Yandex
Bing
What are 5 tools to investigate a website? - ✔✔browsers, Nmap, Metasploit, DirBuster and
forced browsing (Using known URLs to "predict" unlinked URLs or IPs from a website to gain
access to unprotected resources.)
What is a robots.txt file? - ✔✔file (case sensative) that tells bots where to search, and more
importantly, where NOT to search, found in a website's top-level directory. To display, add it
after the end of the domain name:
https://<domain name>/robots.txt
deny access to the cart page to all user-agents = Disallow: * /cart
allow all bots to access all content:
User-agent: * Disallow:
What is the importance of a digital certificate's SAN? - ✔✔subject alternative name (SAN):
identify specific subdomains that can be covered by the certificate
ex. Common name: *.comptia.org
SANs: *.comptia.org, comptia.org
What are a certificate's CT logs? - ✔✔Certificate Transparency (CT) framework, are logs of
public certificate authorities (CAs) (anyone to access) can enable you to discover subdomains
that may be no longer covered by the certificate but still exist.
, What is the significance of CRL and OCSP, regarding certificates? - ✔✔the status of the
certificate is checked by using one of two methods:
The Certification Revocation List (CRL)
The Online Certificate Status Protocol (OCSP)
*CRL is a list of certificates that in some way have been deemed invalid. Although the CRL is
effective, most online services have moved to the newer OCSP
Explain the 2 ways a certificate is checked for validity - ✔✔1. Client goes to web server, then
web server sends the client the certificate. Client then goes to the OCSP server to check the
validity of the certificate.
2. (Stapling the Certificate) Client goes to web server, then web server goes to the OCSP server
to check the validity of the certificate
The web server then sends the validated certificate to the client.
What is Metagoofil? - ✔✔A linux-based information gathering tool written in Python which
will perform a search in Google to extract metadata from public documents belonging to a
target company. Displays results in html.
What is FOCA? - ✔✔FOCA is a GUI OSINT tool used to discover metadata hidden in web and
local documents. it can also gather other domains associated with the primary IP address.
FOCA is a Windows-only tool. In addition, it also requires a running SQL server
Explain OSINT tool theHarvester (CLI) - ✔✔Automates gathering things like Subdomain
names
Employee names
Email addresses
PGP key entries
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Examsplug. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $13.99. You're not tied to anything after your purchase.
