1A: Define Organizational Pentesting Flashcards

1.2 Explain the importance of scoping and organizational/customer requirements. 4.3 Explain the importance of communication during the penetration testing process.

1
Q

What are the three categories of controls used to ensure the CIA (confidentiality, integrity, availability) of system resources?

A
  1. Administrative Controls
  2. Physical Controls
  3. Technical or Logical Controls
2
Q

Which of the three control categories used to ensure CIA is implemented through policies, procedures, and training to define and monitor adherence to organizational rules?

A

Administrative Control

3
Q

Which of the three control categories used to ensure CIA restricts, detects, and monitors access to specific physical areas or assets?

A

Physical Control

4
Q

Which of the three control categories (administrative, physical, technical/logical) used to ensure CIA automates protection to prevent unauthorized access or misuse, and includes Access Control Lists (ACLs) and Intrusion Detection Systems (IDS)/Intrusion Prevention Systems (IPS)?

A

Technical or Logical Control

5
Q

Which principle states that a subject (a user, process, or system) should be allocated only the minimum rights, privileges, or information necessary to perform its role?

A

Principle of Least Privilege

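Cards 4 and 5 describe technical controls such as ACLs and the principle of least privilege. The following Python is an added example, not part of this flashcard deck or any CompTIA material: a deny-by-default ACL in which each role holds only the rights its job needs, plus a review function that flags rights a role holds but was never observed using. All role, user, and resource names (payroll-clerk, auditor, backup-svc, payroll-db, intern) are constructed for illustration.

```python
from __future__ import annotations
from dataclasses import dataclass, field

# Added example, not from the flashcard deck. A deny-by-default access control
# list (a technical/logical control) whose roles hold only the rights their job
# needs (principle of least privilege). Every role, user and resource name here
# is constructed for illustration.


@dataclass(frozen=True)
class Permission:
    resource: str   # what is being accessed, e.g. "payroll-db"
    action: str     # what is done to it, e.g. "read" or "write"


@dataclass
class Acl:
    # role -> explicitly granted permissions; anything not listed is denied
    grants: dict[str, set[Permission]] = field(default_factory=dict)
    # every decision is recorded so denials can be reviewed later
    audit_log: list[str] = field(default_factory=list)

    def grant(self, role: str, resource: str, action: str) -> None:
        self.grants.setdefault(role, set()).add(Permission(resource, action))

    def is_allowed(self, roles: set[str], resource: str, action: str) -> bool:
        wanted = Permission(resource, action)
        # Allow only if some held role was explicitly granted this exact right;
        # unknown roles and an empty role set fall through to deny.
        decision = any(wanted in self.grants.get(r, set()) for r in roles)
        self.audit_log.append(
            f"{'ALLOW' if decision else 'DENY'} roles={sorted(roles)} {action} {resource}")
        return decision


def build_example_acl() -> Acl:
    """Constructed roles: each gets the narrowest set of rights for its job."""
    acl = Acl()
    acl.grant("payroll-clerk", "payroll-db", "read")
    acl.grant("payroll-clerk", "payroll-db", "write")
    acl.grant("auditor", "payroll-db", "read")       # auditors never need write
    acl.grant("backup-svc", "payroll-db", "backup")  # service account: one narrow action
    return acl


def example_decisions() -> dict[str, bool]:
    """Exercise the ACL with requests inside and outside each role's grants."""
    acl = build_example_acl()
    return {
        "auditor_read": acl.is_allowed({"auditor"}, "payroll-db", "read"),
        "auditor_write": acl.is_allowed({"auditor"}, "payroll-db", "write"),
        "backup_read": acl.is_allowed({"backup-svc"}, "payroll-db", "read"),
        "unknown_role": acl.is_allowed({"intern"}, "payroll-db", "read"),
        "no_roles": acl.is_allowed(set(), "payroll-db", "read"),
    }


def unused_grants(acl: Acl, observed: dict[str, set[Permission]]) -> dict[str, set[Permission]]:
    """Least-privilege review: rights a role holds but was never observed using.

    `observed` would normally be built from the audit log over a review window;
    here the caller constructs it. Anything returned is a candidate for removal.
    """
    return {role: extra
            for role, perms in acl.grants.items()
            if (extra := perms - observed.get(role, set()))}


if __name__ == "__main__":
    for name, allowed in example_decisions().items():
        print(f"{name}: {'ALLOW' if allowed else 'DENY'}")
```

Two design points worth noting: the default is deny, so a typo in a role name or a request from an account with no roles fails closed rather than open; and because rights from several roles combine additively, role assignment itself has to be kept minimal, which is what the review function is for.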
6
Q

What term represents the potential for a threat to exploit a vulnerability, with consequences such as financial loss, business disruption, or physical harm?

A

Risk

7
Q

What is the formula for defining risk?

A

Risk = Threat x Vulnerability (many risk frameworks also factor in impact, e.g. Risk = Threat x Vulnerability x Impact)

8
Q

What term represents something, such as malware or a natural disaster, that can accidentally or intentionally exploit a vulnerability and cause undesirable results?

A

Threat

9
Q

What term is a weakness or flaw, such as a software bug, system flaw, or human error that can be exploited by a threat?

A

Vulnerability

10
Q

What security process is used to assess the risks an organization faces and the damage they could cause?

A

Risk Analysis

11
Q

What type of all-in-one security appliance (or agent) combines the functions of a firewall, malware scanner, intrusion detection, vulnerability scanner, data loss prevention, content filtering, and so on?

A

Unified Threat Management (UTM) Appliance

12
Q

What term defines the cyclical process of identifying, assessing, analyzing, and responding to risks?

A

Risk Management

13
Q

What are the four steps of the CompTIA structured PenTesting process?

A
  1. Planning and Scoping
  2. Information Gathering and Vulnerability Scanning
  3. Attacks and Exploits
  4. Reporting and Communication
14
Q

What are the eight steps of the expanded CompTIA structured PenTesting process? (mnemonic: SRSGMCAR, one letter per step)

A
  1. Planning and Scoping
  2. Reconnaissance
  3. Scanning
  4. Gaining Access
  5. Maintaining Access
  6. Covering Tracks
  7. Analysis
  8. Reporting