Tentamen (uitwerkingen)
Test Bank for CompTIA PenTest+ PT0-002 Cert Guide, 2nd edition by Omar Santos
- Vak
- Instelling
Test Bank for CompTIA PenTest+ PT0-002 Cert Guide, 2nd edition by Omar Santos
[Meer zien]Voorbeeld 4 van de 41 pagina's
Voorbeeld 4 van de 41 pagina's
In winkelwagen
In winkelwagen
Verkoper
Volgen
MedConnoisseur
Ontvangen beoordelingen
Voorbeeld van de inhoud
TEST BANKCOMPTIA
PenTest+ PT0-
FOR MORE AFFORDABLE FILES CHECK OUT: WWW.MEDTESTBANKS.COM
002
M
EMAIL US ON MEDTESTBANKS@GMAIL.COM
EDITION: 2nd Edition
ED
AUTHORS: Omar Santos
CO
NN
OI
◊ PDF DOWNLOAD
SS
◊ ORIGINAL FROM PUBLISHER
EU
◊ALL CHAPTERS; COMPLETE GUIDE
R
◊ IMMEDIATE DOWNLOD AFTER ORDER
WWW.MEDTESTBANK.COM
,CompTIA® PenTest+ PT0-002 Cert Guide
Chapter 1 Introduction to Ethical Hacking and Penetration Testing
1) Which of these describes a scenario in which the tester is provided credentials but not full
documentation of the network infrastructure?
A) Unknown-environment test
B) Known-environment test
C) Partially known environment test
D) Unspecified environment test
Answer: C
2) Which of the following would an ethical hacker not participate in?
A) Unauthorized access
M
B) Responsible disclosure
C) Documentation
D) Unknown-environment test
ED
Answer: A
3) Which of these attack types involves tricking the user into disclosing information or taking
CO
action?
A) DDoS
B) Ransomware
NN
C) Social engineering
D) Botnet
Answer: C
OI
4) What type of attacker is most likely to be motivated purely by financial profit?
A) Hacktivist
B) Nation-state
SS
C) Insider threat
D) Organized crime
EU
Answer: D
5) Cyber war and cyber espionage are two terms that best fit into this category:
A) State-sponsored attackers
R
B) Hacktivists
C) Insider threats
D) Organized crime
Answer: A
6) Which of the following frameworks is a collection of different matrices of tactics, techniques,
and subtechniques?
A) WSTG
B) MITRE ATT&CK
C) NIST
D) OSSTMM
Answer: B
1
Copyright © 2022 Pearson Education, Inc.
,7) What type of attacker steals sensitive data and then reveals it to the public in order to
embarrass the target?
A) Kidnapper
B) Nation state
C) Organized crime
D) Hacktivist
Answer: D
8) What type of tests would be most important to conduct to find out whether hackers could use
the Internet to compromise your client’s online ordering system?
A) Application-based tests
B) Network infrastructure tests
M
C) Penetration testing in the cloud
D) Physical facility tests
Answer: A
ED
9) What is the first phase of the Penetration Testing Execution Standard testing methodology?
A) Intelligence gathering
CO
B) Vulnerability analysis
C) Pre-engagement interactions
D) Threat modeling
NN
Answer: C
10) What type of tests would be most important to conduct to find out whether unauthorized
people can reach the company’s server rooms?
OI
A) Web application tests
B) Network infrastructure tests
C) Wireless network tests
SS
D) Physical facility tests
Answer: D
EU
11) What type of tests would be most important to conduct to find out whether there are any
poorly secured switches, firewalls, routers, and supporting resources?
A) Web application tests
R
B) Network infrastructure tests
C) Wireless network tests
D) Physical facility tests
Answer: B
12) Which testing methodology involves seven phases, including pre-engagement interactions,
intelligence gathering, threat modeling, and vulnerability analysis?
A) PTES
B) PCI DSS
C) Penetration Testing Framework
D) OSSTMM
Answer: A
2
Copyright © 2022 Pearson Education, Inc.
, 13) Which testing methodology has key sections including Operational Security Metrics, Trust
Analysis, Work Flow, and Human Security Testing?
A) PTES
B) PCI DSS
C) Penetration Testing Framework
D) OSSTMM
Answer: D
14) In this type of test, the tester would normally be provided things like network diagrams, IP
addresses, configurations, and a set of user credentials:
A) Unknown-environment test
B) Known-environment test
C) Partially known environment test
M
D) Black-box test
Answer: B
ED
15) ISSAF covers which of the following phases?
A) Information gathering
B) Network mapping
CO
C) Vulnerability identification
D) All of the above
Answer: D
NN
16) What document created by the National Institute of Standards and Technology provides
organizations with guidelines on planning and conducting information security testing?
A) Special Publication (SP) 800-115
OI
B) General Publication (GP) 2006-110
C) Special Publication (SP) 2018-01
D) International Publication (IP) 2016-330
SS
Answer: A
EU
17) Which of these is not a requirement for a typical penetration testing environment?
A) Closed network
B) Virtualized computing environment
C) Sign-in credentials for the systems to be tested
R
D) Practice targets
Answer: C
18) Which of these can help protect the client in the event that you break something during a
test?
A) Health monitoring
B) WPA
C) Open network
D) Virtualized computing environment
Answer: D
19) Which type of hacker has consent to attempt to access the target?
3
Copyright © 2022 Pearson Education, Inc.
Voordelen van het kopen van samenvattingen bij Stuvia op een rij:
√ Verzekerd van kwaliteit door reviews
Stuvia-klanten hebben meer dan 700.000 samenvattingen beoordeeld. Zo weet je zeker dat je de beste documenten koopt!
Snel en makkelijk kopen
Je betaalt supersnel en eenmalig met iDeal, Bancontact of creditcard voor de samenvatting. Zonder lidmaatschap.
Focus op de essentie
Samenvattingen worden geschreven voor en door anderen. Daarom zijn de samenvattingen altijd betrouwbaar en actueel. Zo kom je snel tot de kern!
Veelgestelde vragen
Wat krijg ik als ik dit document koop?
Je krijgt een PDF, die direct beschikbaar is na je aankoop. Het gekochte document is altijd, overal en oneindig toegankelijk via je profiel.
Tevredenheidsgarantie: hoe werkt dat?
Onze tevredenheidsgarantie zorgt ervoor dat je altijd een studiedocument vindt dat goed bij je past. Je vult een formulier in en onze klantenservice regelt de rest.
Van wie koop ik deze samenvatting?
Stuvia is een marktplaats, je koop dit document dus niet van ons, maar van verkoper MedConnoisseur. Stuvia faciliteert de betaling aan de verkoper.
Zit ik meteen vast aan een abonnement?
Nee, je koopt alleen deze samenvatting voor €19,62. Je zit daarna nergens aan vast.
Is Stuvia te vertrouwen?
4,6 sterren op Google & Trustpilot (+1000 reviews)
Afgelopen 30 dagen zijn er 67096 samenvattingen verkocht
Opgericht in 2010, al 14 jaar dé plek om samenvattingen te kopen