Matt Walker Chapter 13 Flashcards

1
Q
1. A security staff is preparing for a security audit and wants to know if additional security training for the end user would be beneficial. Which of the following methods would be the best option for testing the effectiveness of user training in the environment?

A. Vulnerability scanning
B. Application code reviews
C. Sniffing
D. Social engineering

A

1. D. Social engineering

Social engineering is designed to test the human element in the organization. Of the answers provided, it is the only real option.

2
Q
2. What marks the major difference between a hacker and an ethical hacker (pen test team member)?

A. Nothing.
B. Ethical hackers never exploit vulnerabilities; they only point out their existence.
C. The tools they use.
D. The predefined scope and agreement made with the system owner

A

2. D. The predefined scope and agreement made with the system owner

Pen tests always begin with an agreement with the customer that identifies the scope and activities. An ethical hacker will never proceed without written authorization.

3
Q
3. Which of the following best describes a blue team?

A. Security team members defending a network
B. Security team members attacking a network
C. Security team members with full knowledge of the internal network

A

3. A. Pre-attack

Blue teams are defense-oriented. They concentrate on preventing and mitigating attacks and efforts of the red team/bad guys.

4
Q
4. In which phase of a penetration test is scanning performed?

A. Pre-attack
B. Attack
C. Post-attack
D. Reconnaissance

A

4. A. Pre-attack

All reconnaissance efforts occur in the pre-attack phase.

5
Q
5. Which type of security assessment notifies the customer of vulnerabilities but does not actively or intentionally exploit them?

A. Vulnerability assessment
B. Scanning assessment
C. Penetration test
D. None of the above

A

5. A. Vulnerability assessments

Vulnerability assessments (a.k.a. security audits) seek to discover open vulnerabilities on the client’s systems but do not actively or intentionally exploit any of them.

6
Q
6. Which of the following would be a good choice for an automated penetration test? (Choose all that apply.)

A. Nmap
B. Netcat
C. Core Impact
D. CANVAS

A

6. C, D. Core Impact and CANVAS

Core Impact and CANVAS are both automated, all-in-one test tool suites capable of performing a test for a client. Other tools may be used in conjunction with them to spot vulnerabilities, including Nessus, Retina, SAINT, and Sara.

7
Q
7. Which of the following tests is generally faster and costs less but is susceptible to more false reporting and contract violation?

A. Internal
B. External
C. Manual
D. Automatic

A

7. D. Automatic

Automatic testing involves the use of a tool suite and generally runs faster than an all-inclusive manual test. However, it is susceptible to false negatives and false positives and can oftentimes overrun the scope boundary.

8
Q
8. Joe is part of a penetration test team and is starting a test. The client has provided him a system on one of their subnets but did not provide any authentication information, network diagrams, or other notable data concerning the systems. Which type of test is Joe performing?

A. External, white box
B. External, black box
C. Internal, white box
D. Internal, black box

A

8. D. Internal, black box

Joe is on a system internal to the network and has no knowledge of the target’s network. Therefore, he is performing an internal, black-box test.

9
Q
9. Which of the following would you find in a final report from a full penetration test? (Choose all that apply.)

A. Executive summary
B. A list of findings from the test
C. The names of all the participants
D. A list of vulnerabilities patched or otherwise mitigated by the team

A

9.
A. Executive summary
B. A list of findings from the test
C. The names of all the participants

The final report for a pen test includes an executive summary, a list of the findings (usually in order of highest risk), the names of all participants, analysis of findings, mitigation recommendations, and any logs or other relevant files.

10
Q
10. Which security assessment is designed to check policies and procedures within an organization?

A. Security audit
B. Vulnerability assessment
C. Pen test
D. None of the above

A

10. A. Security audit

A security audit is used to verify security policies and procedures in place.

11
Q
11. Which of the following best describes a red team?

A. Security team members defending a network
B. Security team members attacking a network
C. Security team members with full knowledge of the internal network
D. Security team members dedicated to policy audit review

A

11. B. Security team members attacking a network

Red teams are on offense. They are employed to go on the attack, simulating the bad guys out in the world trying to exploit anything they can find.
