Pentest All Possible Questions and Answers 2023/2024
Passive methods are those that do not actively engage the target organization's
systems, technology, defenses, people, or locations.
True
The information gathered through passive methods is referred to as OSINT. What
does OSINT stand for?
open source intelligence
Select the statements about footprinting and enumeration that are true:
-OSINT includes data from publicly available sources
-An organization's footprint is a listing of all the systems, network, and other
technology that an organization has
-White box testers may be given OSINT before the test starts
CERT
Can be used as a generic term to describe various organizations. Each one serves as
an organizational hub for cybersecurity information.
NIST
Provides standards, networks, and guides for cybersecurity: SP 800-115, provided by
this organization, is of particular interest to penetration testers.
MITRE
Federally funded not-for-profit organization that performs federally funded research and
development.
Full Disclosure
Online discussion board for security practitioners
ISC
Source for diaries, podcasts, and other information. This is run by SANS.
The Common Attack Pattern Enumeration and Classification (CAPEC) list is
published by NIST, and is designed to help identify and document attacks and
attack patterns.
false
The Common Vulnerabilities and Exposures (CVE) list identifies vulnerabilities by
name, number, and description.
true
Penetration tests never require onsite visits - all aspects of them can be done
remotely.
false
ExifTool is designed to help you recover data from which type of document?
-electronic text documents
Financial data - such as tax information or financial disclosures - does not
provide useful information to penetration testers as a general rule.
false
Social engineering techniques that are used on employees of a company that is
being tested can generally provide useful information, but are understood to be
out-of-bounds for penetration testers, and not something they would consider
doing.
false
External footprinting is considered to be the most passive type of
reconnaissance: pick the option considered to be least passive:
-gathering info about ip ranges and routes
Domain names are managed by domain name registrars.
true
The central authority for domain name registrars is known as the IANA, which
provides a service that allows you to search for information about an
organization or individual based on their registration information. This service is
called:
whois
DNS converts IP addresses to domain names and domain names to IP addresses.
true
Select all the statements about zone transfers that are true:
-one way of getting dns information via zone transfer is to use the program dig
-the data in a dns zone transfer contains useful info
-a dns zone transfer is designed to be used to replicate dns databases between dns
servers
After sufficient OSINT has been gathered, it's typical to move onto active
reconnaissance.
true
There are many techniques for active reconnaissance, so it's important to be
familiar with multiple methods.
true
Port scanners are the only way to identify hosts on a network.
false
One of the most common tasks that a penetration tester will perform while conducting
active reconnaissance is service identification.
true
SSH
22
HTTPS
443
HTTP
80
Telnet
22
The ability to identify an operating system on the network traffic that it sends is
known as operating system handprinting.
false
NMAP allows you to specify which of the following? Pick all that are correct:
-os detection
-range of ports
-service detection
-how output is formatted
The GUI front end to nmap is called MapGUI.
false
Understanding the topology of a network is not generally necessary or helpful for
a penetration tester.
false
Tools like kismet or wireshark can be used to capture traffic from wireless
networks.
true
SNMP ping sweeps are typically done from outside the network, and do not
require internal access to the network you're attempting to penetrate.
false
Enumeration is defined as a process which establishes an active connection to
the target hosts to discover potential attack vectors in the system, and this
data can be used for further exploitation of the system.
Enumeration is used to gather:
Username and Group names
Hostnames
Network shares and services
IP tables and routing tables
Service settings and Audit configurations
Application and banners
SNMP and DNS Details
True
Decompilers are designed to pull apart compiled binaries and generate usable
code.
true
One of the ways you can defend against active reconnaissance is to limit external
exposure of services to those that absolutely need to be exposed.
true
There is nothing that organizations can do to make it more difficult for
penetration testers to gather passive information about them.
false
Penetration testing only considers the creativity and skill of an attacker, and
takes no notice of what tools the attacker may be using.
False
Penetration tests are always authorized and legal attempts to defeat security
controls and perform activities that would, under other circumstances, be
unauthorized.
true
Penetration tests can be automated, and as a result, are not generally
time-consuming.
false
Which of the following is not a concept that is characteristic of the CIA triad?
alteration
Select all of the concepts that are part of the DAD triad:
-disclosure
-denial
-alteration