03- Penetration Testing Quiz Flashcards

1
Q

Find the wrong statement about penetration testing.
A. It is an unintentional attack
B. Pen-testing is used for security assessment
C. Pen testing improves the security of the system
D. Pen testing discovers security weaknesses

A

Answer: A

A pentest is an intentional attack on a system that uses pen testing skills to improve the defense strategy.

2
Q

Which stage does not verify or try to exploit the vulnerability, but just lists and ranks the identified weaknesses?
C. Vulnerability assessment
D. Vulnerability scan

A

Answer: B
Vulnerability scan is the next step after the first discovery. This stage does not verify or try to exploit the vulnerability, it just
lists and ranks the identified weaknesses.

3
Q

Penetration testing
a. can evaluate the security of a system or network
b. cannot be used to identify the vulnerabilities left undetected by automated vulnerability scanners
c. is an unauthorized attempt to exploit a computer system
d. determines the critical vulnerabilities

A

Answer: A and D
Penetration testing exploits the vulnerabilities of a system or network to improve the security of the system. Pentesting can
identify the insecure areas of the system or network that can be used by an attacker to gain unauthorized access to the system.

4
Q

Nexpose and GFI are tools that try to match conditions found on the target system with known
vulnerabilities, and can find new vulnerabilities.
True
False

A

Answer: False
Nexpose, Nessus and GFI are tools that try to match conditions found on the target system with known vulnerabilities, but they
lack the ability to find new vulnerabilities. These tools count on a database to identify the existence of certain weaknesses.

5
Q

A vulnerability scan tries to verify the vulnerabilities found with little or no user interaction.
True
False

A

Answer: False
The last phase, or vulnerability assessment, tries to verify the vulnerabilities found and is done with little or no user interaction.

6
Q
Which step is essential for the organization to be compliant with certain ISOs or other certification
bodies?
A. Security audit
B. Vulnerability assessment
C. Code reviews
A

Answer: C
It can analyze specific web applications or internal software. It is the essential step for the organization to be compliant with
certain ISOs or other certification bodies.

7
Q

______ testing aims to exploit identified vulnerabilities to check what information is exposed to the
outside world.
Internal
External

A

Answer: B

External testing aims to exploit identified vulnerabilities to check what information is exposed to the outside world.

8
Q

What remains the same in both internal and external testing?
A. The target
B. The attacker

A

Answer: A

The target remains the same in both the internal and external testing.

9
Q

Which attack can be much more devastating?
A. External attacks
B. Internal attacks

A

Answer: B

Internal attackers have a full understanding of which systems are important within a network and where they are located.

10
Q

__________ saves time and resources, but is not accurate or professional.
A. Automated pentesting
B. Manual testing

A

Answer: A
You can easily use different tools to automate pentesting, to save your time and resources, but it is not accurate or
professional.

11
Q
Manual testing requires:
A. less planning
B. a schedule
C. an attack design
D. automated tools
A

Answer: B and C
A skilled manual tester will always plan and schedule everything in advance. An experienced pen tester will always prepare an
attack design and schedule it.

12
Q
Identify the benefits of using automated tools.
A. Faster
B. Computerized
C. Accurate
D. In-depth coverage
A

Answer: A and B
The testing carried out with automated tools is faster when compared to manual ones. Automated tools are fully computerized,
whereas manual testing depends entirely on the skill of the tester.

13
Q
Identify the disadvantages of using automated tools.
A. Fast
B. Dependency on the vendor’s database
C. Only tests technical flow
D. Computerized
A

Answer: B and C
Automated tools work from the information provided in the vendor's database, and because that database is less likely to be updated for the latest threats, the efficiency of the test suffers. Automated testing only tests the technical flow, whereas manual testing tests both the technical and the business/logic flow.

14
Q

What are the disadvantages of manual testing?
A. Awareness of new attack vectors
B. Tests for both technical and business/logic flow
C. Does not cover the entire system
D. Slow

A

Answer: C and D
Only automated testing is able to cover every bit of the system, whereas manual testing fails to do so. Manual testing is slow when compared to automated testing.

15
Q
Pick out the merits of manual testing.
A. Dependency on the skill of the tester
B. Accuracy
C. Possibility of forgetting
D. Familiarity with new threats
A

Answer: B and D

The automated tools lack accuracy. The automated tools depend on the database of the vendor, which may not be updated.

16
Q

Pen testers will use _____ to protect against the possibility of data leakage and add another layer of security.
A. code review
B. vulnerability scan
C. manual testing

A

Answer: A
Code review can be used to identify the vulnerabilities left by developers, thereby protecting against the possibility of data leakage and adding another layer of security.

17
Q

Identify the least effective technique to protect webapps.
A. Basic SQL injection
B. Blind SQL injection

A

Answer: A

Hackers have developed new techniques to overcome the basic SQL injection techniques.

18
Q

Pentesting helps an organization to do the following except:
A. Manage vulnerabilities
B. Avoid downtime
C. Preserve the corporation’s good reputation
D. Manage risks

A

Answer: D

Pen testers are only concerned with security issues and improving the defense strategy.

19
Q

The risk assessment depends heavily on the vulnerability assessment.
True
False

A

Answer: True
The risk assessment depends heavily on the vulnerability assessment and cannot be performed without identifying the
vulnerabilities on a system.

20
Q

Penetration testing aims to determine the impact on the business if an attack was successful.
True
False

A

Answer: True

Penetration testing simulates a real-time attack and determines the impact on the business if an attack was successful.

21
Q

External testing simulates what an insider attack could accomplish.
True
False

A

Answer: False
Internal testing simulates what an insider attack could accomplish, while an external test exploits vulnerabilities to identify
information that will be exposed to the outside world.

22
Q

Armitage is a guru in automated testing, liked by all pen testers.
True
False

A

Answer: False
Armitage is a plugin in Metasploit, which presents a manual framework, to automate the pentest. Core Impact is a guru in automated testing.

23
Q

Automated testing is faster than manual testing.
True
False

A

Answer: True
Automated testing is faster. Manual testing requires planning, an attack design, and a schedule. It is exactly, in a way, what a hacker does to attack a certain environment.

24
Q

Penetration testing is not complete without testing human behavior.
True
False

A

Answer: True
Penetration testing is not complete without testing human behavior, as exploiting human trust is the easiest way to gain access
to sensitive information.

25
Q

If a hacker gains physical access to the system, he may not try to install malicious hardware like
keyloggers or backdoors.
True
False

A

Answer: False

If a hacker gains physical access to the system, he may try to install malicious hardware like keyloggers or backdoors.

26
Q

In the case of mobile users, the pentesting team will not attempt to enforce a policy to encrypt mobile devices.
True
False

A

Answer: False
The pentesting team will try to enforce a policy to encrypt mobile devices to prevent the exposure of sensitive information.

27
Q

Footprinting, services probing, and system fingerprinting are a few examples of internal testing.
True
False

A

Answer: False
Footprinting, services probing, and system fingerprinting are a few examples of tests that focus on external systems that face
the Internet.

28
Q

Internal Network Scanning, Firewall and ACL Testing, and Password Strength Testing are a few
external threats.
True
False

A

Answer: True
Internal Network Scanning, Database Security Controls Testing, Firewall and ACL Testing, and Password Strength Testing are all
examples of external attacks.

29
Q

SQL injection techniques cannot be used to find web application vulnerabilities.
True
False

A

Answer: False
SQL injection techniques can be used to find web application vulnerabilities. Basic SQL injection, advanced SQL injection, and
blind SQL injection techniques are the most common techniques used to ensure the safety of webapps.

30
Q

Penetration testing can be used to evaluate the magnitude of potential business and operational
impacts of successful attacks.
True
False

A

Answer: True
Penetration testing can identify the vulnerabilities left out by automated tools. It can evaluate the magnitude of potential
business and operational impacts of successful attacks.

31
Q

A security audit is also known as a security assessment.
True
False

A

Answer: True

A security audit is also known as a security review or assessment.