Domain 6 (Security Assessment and Testing)

Question 1

What is the difference between a Vulnerability Assessment and a Penetration Test?

Answer 1

Vulnerability Assessment identifies weaknesses and Penetration Testing validates the discovered weaknesses

Question 2

What is the main issue with Penetration Testing?

Answer 2

It can be disruptive to productivity and systems

Question 3

How does separation of duties relate to Penetration Testing?

Answer 3

Tester should only test effectiveness of safegaurds NOT suggest remediation

Question 4

What document do you need before starting Penetration Test?

Answer 4

Rules of Engagement document

Question 5

What are the three types of Penetration Testing?

Answer 5

Physical, Administrative (Social Engineering) and Logical (System attacks)

Question 6

What is the purpose of an Intrusion Detection System (IDS)?

Answer 6

Identifies suspicious activity, logs, alerts

Question 7

What interface mode is required for an Intrusion Detection System (IDS)?

Answer 7

Promiscuous mode

Question 8

What do you need on a switch for an Intrusion Detection System (IDS) to work?

Answer 8

Port Mirroring/Spanning (Because switches isolates traffic to single ports)

Question 9

What is the difference between a Host Based Intrusion Detection System (HIDS) and a Network Intrusion Detection System (NIDS)?

Answer 9

HIDS only covers a single host, and NIDS covers a network

Question 10

Advantages of HIDS

Answer 10

Can look at data after is decrypted (network traffic is encrypted). Can monitor OS or a single App

Question 11

Disadvantages of HIDS

Answer 11

System resource usage

Question 12

Disadvantage of NIDS

Answer 12

Can’t view unencrypted data

Question 13

Name two types of IDS analysis engines

Answer 13

Pattern Matching (Signatures) and Profile Matching (Behaviour, Heuristics)

Question 14

What is a collection of Honey Pots called?

Answer 14

A honey net

Question 15

Main concern about Honey Pots

Answer 15

Careful of Enticement vs Entrapment