Chapter 1

Question 1

What is the CIA triad?

Answer 1

Confidentiality (prevent unauthroized access to information or systems)

Integrity (prevent unauthroized modification of information or systems)

Availability (ensure use of information and systems is possible)

Question 2

What is the DAD triad?

Disalde

Answer 2

Disclosure (gain unauthorized access)

Alteration (make unauthorized changes)

Denial (prevent legit use of systems and info)

Question 3

What are the four stages of the CompTIA Penetration
Test?

Answer 3

Planning and
Scoping
(

Information
Gathering and
Vulnerability
Scanning

Attacking and
Exploiting

Reporting and
Communicating
Results

Question 4

What are the steps in The Cyber Kill Chain?

Answer 4

Reconnaissance.
(
Weaponization.
(
Delivery.
(
Exploitation.
(
Installation.
(
Command and control.
(
Actions on Objectives.
(

Question 5

What is Reconnaissance in the cyber kill chain?

Answer 5

(Attackers gather open source intelligence and conduct initial scans of target environment

Question 6

What is Weaponization in the cyber kill chain?

Answer 6

Attackers develop a specific
attack tool designed to exploit the vulnerabilities identified during reconnaissance.

Question 7

What is Delivery in the cyber kill chain?

Answer 7

Attackers next must deliver that malware to the target. (Network vuln, social enginnering, infected USB, sending as email attachment,

Question 8

What is Exploitation in the cyber kill chain?

Answer 8

The malware gains access to the targeted system. Victim opens a malicious file or when the attacker exploits a vulnerability over the network or otherwise gains a foothold on the target

Question 9

What is Installation in the cyber kill chain?

Answer 9

The attacker uses the
initial access provided by the malware to establish permanent, or persistent, access to the
target system. (Making a backdoor

Question 10

What is Command and Control in the cyber kill chain?

Answer 10

After getting permanent access the attacker may use a remote shell or other means to control the system.

They can control it manually or may connect an automated command-and-control (C2C) network that provides it with instructions.

Question 11

What is Actions on Objectives in the cyber kill chain?

Answer 11

Attacker uses the system to advance the original objectives of their attack. (theft, use of resources, mine crypto, modification or deletion of information.

Question 12

Tom is running a penetration test in a web application and discovers a flaw that allows
him to shut down the web server remotely.

What goal of penetration testing has Tom most
directly achieved?
A. Disclosure
B. Integrity
C. Alteration
D. Denial

Answer 12

D. Denial

Question 13

Brian ran a penetration test against a school’s grading system and discovered a flaw that
would allow students to alter their grades by exploiting a SQL injection vulnerability.

What
type of control should he recommend to the school’s cybersecurity team to prevent students
from engaging in this type of activity?

A. Confidentiality
B. Integrity
C. Alteration
D. Availability

Answer 13

B. Integrity

Question 14

Edward Snowden gathered a massive quantity of sensitive information from the National
Security Agency and released it to the media without permission.

What type of attack
did he wage?
A. Disclosure
B. Denial
C. Alteration
D. Availability

Answer 14

A. Disclosure

Question 15

Assuming no significant changes in an organization’s cardholder data environment, how
often does PCI DSS require that a merchant accepting credit cards conduct penetration testing?
A. Monthly
B. Semiannually
C. Annually
D. Biannually

Answer 15

C. Annually
(or after any significant change in the cardholder data environment)

Question 16

Which one of the following is not a benefit of using an internal penetration testing team?
A. Contextual knowledge
B. Cost
C. Subject matter expertise
D. Independence

Answer 16

D. Independence

Question 17

Which one of the following is not a reason to conduct periodic penetration tests of systems
and applications?
A. Changes in the environment
B. Cost
C. Evolving threats
D. New team members

Answer 17

B. Cost

Question 18

Rich recently got into trouble with a client for using an attack tool during a penetration
test that caused a system outage. During what stage of the penetration testing process
should Rich and his clients have agreed on the tools and techniques that he would use during the test?
A. Planning and Scoping
B. Information Gathering and Vulnerability Scanning
C. Attacking and Exploiting
D. Reporting and Communication Results

Answer 18

A. Planning and Scoping

Question 19

Which one of the following steps of the Cyber Kill Chain does not map to the Attacking and
Exploiting stage of the penetration testing process?
A. Weaponization
B. Reconnaissance
C. Installation
D. Actions on Objectives

Answer 19

B. Reconnaissance

Question 20

Beth recently conducted a phishing attack against a penetration testing target in an attempt
to gather credentials that she might use in later attacks. What stage of the penetration testing
process is Beth in?

Answer 20

B. Attacking and Exploiting (she is conducting an
active social engineering attack.

Question 21

Which one of the following security assessment tools is not commonly used during the
Information Gathering and Vulnerability Scanning phase of a penetration test?
A. Nmap
B. Nessus
C. Metasploit
D. Nslookup

Answer 21

C. Metasploit
(exploitation framework , suited for Attacking and Exploiting phase

Question 22

During what phase of the Cyber Kill Chain does an attacker steal information, use computing resources, or alter information without permission?

Answer 22

C. Actions on Objectives

Question 23

Grace is investigating a security incident where the attackers left USB drives containing
infected files in the parking lot of an office building. What stage in the Cyber Kill Chain
describes this action?

Answer 23

C. Delivery

Question 24

Which one of the following is not an open source intelligence gathering tool?
A. WHOIS
B. Nslookup
C. Nessus
D. FOCA

Answer 24

C. Nessus (commercial vulnerability scanner)

FOCA (harvests information from files)

Question 25

Which one of the following tools is an exploitation framework commonly used by penetration testers?
A. Metasploit
B. Wireshark
C. Aircrack-ng
D. SET

Answer 25

A. Metasploit

Question 26

Which one of the following debugging tools does not support Windows systems?

A. GDB
B. OllyDbg
C. WinDbg
D. IDA

Answer 26

A. GDB (for Linux systems)

Question 27

Which one of the following tools is not a password-cracking utility?
A. OWASP ZAP
B. Cain and Abel
C. Hashcat
D. Jack the Ripper

Answer 27

A. OWASP ZAP (web proxy tool)

Question 28

What is the final stage of the Cyber Kill Chain?

Answer 28

C. Actions on Objectives

Question 29

Which of the following activities assumes that an organization has already been
compromised?

A. Penetration testing
B. Threat hunting
C. Vulnerability scanning
D. Software testing

Answer 29

B. Threat hunting

Question 30

Alan is creating a list of recommendations that his organization can follow to remediate
issues identified during a penetration test.

In what phase of the testing process is Alan participating?

Answer 30

B. Reporting and Communication

Question 31

Which one of the following vulnerability scanners is specifically designed to test the security
of web applications against a wide variety of attacks?

A. OpenVAS
B. Nessus
C. SQLmap
D. Nikto

Answer 31

D. Nikto