100% tevredenheidsgarantie Direct beschikbaar na betaling Zowel online als in PDF Je zit nergens aan vast
logo-home
CREST CPSA EXAM 300 QUESTIONS AND CORRECT ANSWERS LATEST (VERIFIED ANSWERS) €22,61   In winkelwagen

Tentamen (uitwerkingen)

CREST CPSA EXAM 300 QUESTIONS AND CORRECT ANSWERS LATEST (VERIFIED ANSWERS)

3 beoordelingen
 909 keer bekeken  13 keer verkocht
  • Vak
  • CREST CPSA
  • Instelling
  • CREST CPSA

CREST CPSA EXAM 300 QUESTIONS AND CORRECT ANSWERS LATEST (VERIFIED ANSWERS)

Voorbeeld 4 van de 40  pagina's

  • 15 februari 2023
  • 40
  • 2022/2023
  • Tentamen (uitwerkingen)
  • Vragen en antwoorden
  • CREST CPSA
  • CREST CPSA

3  beoordelingen

review-writer-avatar

Door: brobron • 11 maanden geleden

review-writer-avatar

Door: junaidkhanpathan • 1 jaar geleden

review-writer-avatar

Door: kaungmyatmin • 1 jaar geleden

avatar-seller
CREST CPSA EXAM 300 QUESTIONS AND CORRECT ANSWERS LATEST 2023 -
2024( VERIFIED ANSWERS ) What port does squid proxy use? - ANSWER - 3128 What are the benefits of a penetration test? - ANSWER - - Enhancement of the management system - Avoid fines - Protection from financial damage - Customer protection What is the structure of a penetration test? - ANSWER - Planning and Preparation Reco nnaissance Discovery Analyzing information and risks Active intrusion attempts Final analysis Report Preparation What is another structure of a penetration test? - ANSWER - Reconnaissance Vulnerability Scanning Investigation Exploitation What is does infrastructure testing include? - ANSWER - Includes all internal computer systems, associated external devices, internet networking, cloud and virtualization testing. What are the types of infrastructure testing? - ANSWER - - External Infrastru cture Penetration Testing - Internal Infrastructure Penetration Testing - Cloud and Virtualization Penetration Testing - Wireless Security Penetration Testing What does External Infrastructure Testing include? - ANSWER - Mapping flaws in the external inf rastructure What are the benefits of External Infrastructure Testing ? - ANSWER - - Identifies flaws within the firewall configuration that could be misused. - Finds how information could be leaked out from the system - Suggests how these issues could be f ixed - Prepares a comprehensive report highlighting the security risk of the networks and suggests solutions - Ensures overall efficiency and productivity of your business What are the benefits of Internal Infrastructure testing? - ANSWER - -Identifies how an internal attacker could take advantage of even a minor security flaw - Identifies the potential business risk and damage that an internal attacker can inflict - Improves security systems of internal infrastructure - Prepares a comprehensive report g iving details of the security exposures of internal networks along with the detailed action plan on how to deal with it What are the benefits of cloud and virtualization penetration testing? - ANSWER - - Discover the real risks within the virtual environme nt and suggests the methods and costs to fix the threats and flaws - Provides guidelines and an action plan how to resolve the issues - Improves the overall protection systems - Prepares a comprehensive security system report of the cloud computing and virtualization, outline the security flaws, causes and possible solutions What are the benefits of wireless security penetration testing ? - ANSWER - - To find the potential risk caused by your wireless device - To provide guidelines and an action plan on h ow to protect from the external threats - For preparing a comprehensive security system report of the wireless networking, to outline the security flaw, causes, and possible solutions What is Black Box Testing? - ANSWER - Black -box testing is a method in which the tester is provided no information about the application being tested. What are the advantages of Black Box Testing? - ANSWER - - Test is generally conducted with the perspectiv e of a user, not the designer - Verifies contradictions in the actual system and the specifications What are the disadvantages of black box penetration testing? - ANSWER - - Particularly, these kinds of test cases are difficult to design - Possibly, it is not worth, in -case designer has already conducted a test case - It does not conduct everything What is white box penetration testing ? - ANSWER - A tester is provided a whole range of information about the systems and/or network such as schema, source code , os details, ip address, etc. What are the advantages of white box penetration testing? - ANSWER - - It ensures that all independent paths of a module have been exercised - It ensures that all logical decisions have been verified along with their true an d false value. - It discovers the typographical errors and does syntax checking - It finds the design errors that may have occurred because of the difference between logical flow of the program and the actual execution. What are the important highlights of the computer misuse act 1990? - ANSWER - Section 1: Unauthorized access to computer material Section 2: Unauthorized access with intent to commit or facilitate commission of further offenses Section 3: Unauthorized acts with intent to impair, or with r ecklessness as to impairing the operation of a computer Unauthorized modification of computer material What are the important highlights of the human rights act 1998? - ANSWER - - The right to life - The right to respect for private and family life - The right to freedom of religion and belief - Your right not to be mistreated or wrongly punished by the state when capturing the scope of a penetration test, what information requires consent to meet the UK laws? - ANSWER - -Name & Position of the individual who is providing consent -Authorized testing period - both the date range and hours that testing is permitted - Contact information for members of technical staff, who may provide assistance during the test - IP addresses or URL that are in scope of testing - Exclusions to certain hosts, services or areas within application testing Credentials that may be required as part of authenticated application testing What are the important highlights of the data protection act 1998? - ANSWER - - Personal data must be processed fairly and lawfully - be obtained only for lawful purposes and not processed in any manner incompatible with those purposes - be adequate, relevant and not excessive - be accurate and current - not be retained for lo nger than neccessary - be processed in accordance with the rights and freedoms of data subjects - Be protected against unauthorized or unlawful processing and against accidental loss, destruction or damage What are the important highlights of the police and justice act 2006? - ANSWER - - Make amendments to the computer misuse act 1990 - increased penalties of computer misuse act (makes unauthorized computer access serious enough to fall under extradition) - Made it illegal to perform DOS attacks - Made it illegal to supply and own hacking tools. - Be careful about how you release information about exploits . What issues may arise between a tester and his client? - ANSWER - - The tester is unknown to his client - so, on what grounds, he should be given acce ss of sensitive data -Who will take the guarantee of security of lost data? - The client may blame for the loss of data or confidentiality to tester. How can you prevent legal issues when doing a penetration test? - ANSWER - A statement of intent should be duly signed by both parties - The tester has the permission in writing, with clearly defined parameters - the company has the details of its pen tester and an assurance that he would not leak any confidential data What does scoping a penetration test involve? - ANSWER - - All relevant risk owners - Technical staff knowledgeable about the target system - A representative of the penetration test team - Risk owners should outline any areas of special concern

Voordelen van het kopen van samenvattingen bij Stuvia op een rij:

Verzekerd van kwaliteit door reviews

Verzekerd van kwaliteit door reviews

Stuvia-klanten hebben meer dan 700.000 samenvattingen beoordeeld. Zo weet je zeker dat je de beste documenten koopt!

Snel en makkelijk kopen

Snel en makkelijk kopen

Je betaalt supersnel en eenmalig met iDeal, creditcard of Stuvia-tegoed voor de samenvatting. Zonder lidmaatschap.

Focus op de essentie

Focus op de essentie

Samenvattingen worden geschreven voor en door anderen. Daarom zijn de samenvattingen altijd betrouwbaar en actueel. Zo kom je snel tot de kern!

Veelgestelde vragen

Wat krijg ik als ik dit document koop?

Je krijgt een PDF, die direct beschikbaar is na je aankoop. Het gekochte document is altijd, overal en oneindig toegankelijk via je profiel.

Tevredenheidsgarantie: hoe werkt dat?

Onze tevredenheidsgarantie zorgt ervoor dat je altijd een studiedocument vindt dat goed bij je past. Je vult een formulier in en onze klantenservice regelt de rest.

Van wie koop ik deze samenvatting?

Stuvia is een marktplaats, je koop dit document dus niet van ons, maar van verkoper johnkabiru. Stuvia faciliteert de betaling aan de verkoper.

Zit ik meteen vast aan een abonnement?

Nee, je koopt alleen deze samenvatting voor €22,61. Je zit daarna nergens aan vast.

Is Stuvia te vertrouwen?

4,6 sterren op Google & Trustpilot (+1000 reviews)

Afgelopen 30 dagen zijn er 73918 samenvattingen verkocht

Opgericht in 2010, al 14 jaar dé plek om samenvattingen te kopen

Start met verkopen
€22,61  13x  verkocht
  • (3)
  Kopen