Audits And Assessment

Question 1

What is an internal audit?

Answer 1

A formal check by an organization to review security, compliance, and control effectiveness.

内部审计是组织用来评估安全性、合规性与控制有效性的正式检查。

Question 2

What are common focus areas in internal audits?

Answer 2

Data protection, network security, access control, and incident response.

内审常关注数据保护、网络安全、访问控制与事件响应。

Question 3

What is threat modeling?

Answer 3

A method to identify possible attacks like SQL injection or XSS.

威胁建模是识别潜在攻击（如 SQL 注入、跨站脚本）的分析方法。

Question 4

What is the goal of a risk assessment?

Answer 4

To evaluate threat impact, likelihood, and choose cost-effective mitigation.

风险评估的目标是分析威胁影响、发生概率，并选出最优应对措施。

Question 5

Name two common mitigation strategies.

Answer 5

Code fixes and adding security controls.

常见的缓解措施包括代码修复和增加安全控制。

Question 6

What is Active Reconnaissance?

Answer 6

Direct interaction with the target, such as port scanning.

主动侦察：直接与目标交互，例如端口扫描。

Question 7

What is Passive Reconnaissance?

Answer 7

Collecting information without touching the target, like WHOIS or open-source intel.

被动侦察：不接触目标系统，通过公开资源收集情报。

Question 8

What are the 3 environment types in pentesting?

Answer 8

Known, Partially Known, and Unknown environments.

环境类型包括：已知、部分已知与未知环境。

Question 9

What is Physical Penetration Testing?

Answer 9

Testing locks, badges, and cameras to check physical security.

物理渗透测试：检查门锁、门禁卡、监控等实体安全措施。

Question 10

What is Offensive Penetration Testing?

Answer 10

Red teaming – simulating real attacks to find exploitable weaknesses.

攻击型测试（红队）：模拟黑客行为，主动发现可利用漏洞。

Question 11

What is Defensive Penetration Testing?

Answer 11

Blue teaming – focused on detection, monitoring, and improving response.

防御型测试（蓝队）：偏向监控、防御和提升事件响应能力。

Question 12

What is Integrated (Purple Team) Testing?

Answer 12

Red team attacks while blue team defends – promotes collaboration and full coverage.

紫队测试：红队攻击 + 蓝队防守，强化协作，实现全面安全评估。