FORMATIVE 1 Flashcards
(25 cards)
Which statement best describes the term ethical hacker?
a person who uses different tools than nonethical hackers to find vulnerabilities and exploit targets.
a person that is financially motivated to find vulnerabilities and exploit targets
a person that is looking to make a point or to promote what they believe
a person who mimics an attacker to evaluate the security posture of the network
a person who mimics an attacker to evaluate the security posture of the network
Which threat actor term describes a well-funded and motivated group that will use the latest attack techniques for financial gain?
hacktivist
state-sponsored attacker
organized crime
insider threat
organized crime
Which type of threat actor uses cybercrime to steal sensitive data and reveal it publicly to embarrass a target?
organized crime
hacktivist
insider threat
state-sponsored attacker
hacktivist
What is a state-sponsored attack?
An attack perpetrated by a well-funded and motivated group that will typically use the latest attack techniques for financial gain.
An attack perpetrated by governments worldwide to disrupt or steal information from other nations.
An attack perpetrated by disgruntled employees inside an organization.
An attack perpetrated to steal sensitive data and then reveal it to the public to embarrass or financially affect a target.
An attack perpetrated by governments worldwide to disrupt or steal information from other nations.
What is an insider threat attack?
An attack perpetrated by a well-funded and motivated group that will typically use the latest attack techniques for financial gain.
An attack perpetrated by governments worldwide to disrupt or steal information from other nations.
An attack perpetrated by disgruntled employees inside an organization
An attack perpetrated to steal sensitive data and then reveal it to the public to embarrass or financially affect a target.
An attack perpetrated by disgruntled employees inside an organization.
What kind of security weakness is evaluated by application-based penetration tests?
firewall security
logic flaws
wireless deployment
data integrity between a client and a cloud provider
logic flaws
What two resources are evaluated by a network infrastructure penetration test? (Choose two.)
AAA servers
CSPs
web servers
IPSs
back-end databases
AAA servers
IPSs
When conducting an application-based penetration test on a web application, the assessment should also include testing access to which resources?
AAA servers
cloud services
switches, routers, and firewalls
back-end databases
back-end databases
What is the purpose of bug bounty programs used by companies?
reward security professionals for finding vulnerabilities in the systems of the company
reward security professionals for discovering malicious activities by attackers in the systems of the company
reward security professionals for fixing vulnerabilities in the systems of the company
reward security professionals for breaking into a corporate facility to expose weaknesses in the physical perimeter
reward security professionals for finding vulnerabilities in the systems of the company
What characterizes a partially known environment penetration test?
The tester must test the electrical grid supporting the infrastructure of the target.
The tester is provided with a list of domain names and IP addresses in the scope of a particular target.
The test is a hybrid approach between unknown and known environment tests.
The tester should not have prior knowledge of the organization and infrastructure of the target.
The test is a hybrid approach between unknown and known environment tests
What characterizes a known environment penetration test?
The test is somewhat of a hybrid approach between unknown and known environment tests.
The tester could be provided with network diagrams, IP addresses, configurations, and user credentials.
The tester should not have prior knowledge of the organization and infrastructure of the target.
The tester may be provided only the domain names and IP addresses in the scope of a particular target.
The tester could be provided with network diagrams, IP addresses, configurations, and user credentials.
Which type of penetration test would only provide the tester with limited information such as the domain names and IP addresses in the scope?
known-environment test
partially known environment test
unknown-environment test
OWASP Web Security Testing Guide
unknown-environment test
Match the penetration testing methodology to the description:
lays out repeatable and consistent security testing.
covers the high-level phases of web application security testing.
collection of different matrices of tactics and techniques that adversaries use while preparing for an attack.
provides organizations with guidelines on planning and conducting information security testing.
provides information about types of attacks and methods.
MITRE ATT&CK -
NIST SP 800-115 -
OSSTMM -
PTES -
OWASP WSTG -
MITRE ATT&CK - collection of different matrices of tactics and techniques that adversaries use while preparing for an attack
NIST SP 800-115 - provides organizations with guidelines on planning and conducting information security testing
OSSTMM - lays out repeatable and consistent security testing
PTES - provides information about types of attacks and methods
OWASP WSTG - covers the high-level phases of web application security testing
Which three options are phases in the Penetration Testing Execution Standard (PTES)? (Choose three.)
Threat modeling
Penetration
Reporting
Enumerating further
Network mapping
Exploitation
Threat modeling
Reporting
Exploitation
Which two options are phases in the Information Systems Security Assessment Framework (ISSAF)? (Choose two.)
Pre-engagement interactions
Maintaining access
Reporting
Post-exploitation
Vulnerability identification
Maintaining Access
Vulnerability Identification
Which two options are phases in the Open Source Security Testing Methodology Manual (OSSTMM)? (Choose two.)
Vulnerability Analysis
Maintaining Access
Work Flow
Network Mapping
Trust Analysis
Work Flow
Trust Analysis
Which penetration testing methodology is a comprehensive guide focused on web application testing?
MITRE ATT&CK
OWASP WSTG
NIST SP 800-115
OSSTMM
OWASP WSTG
Which option is a Linux distribution that includes penetration testing tools and resources?
OWASP
PTES
SET
BlackArch
BlackArch
Which option is a Linux distribution URL that provides a convenient learning environment about pen testing tools and methodologies?
vmware.com
attack.mitre.org
parrotsec.org
virtualbox.org
parrotsec.org
What does the “Health Monitoring” requirement mean when setting up a penetration test lab environment?
The tester needs to be sure that a lack of resources is not the cause of false results.
The tester needs to be able to determine the causes when something crashes.
The tester needs to ensure controlled access to and from the lab environment and restricted access to the internet.
The tester validates a finding running the same test with a different tool to see if the results are the same.
The tester needs to be able to determine the causes when something crashes.
Which tool would be useful when performing a network infrastructure penetration test?
vulnerability scanning tool
bypassing firewalls and IPSs tool
interception proxies tool
mobile application testing tool
bypassing firewalls and IPSs tool
Which tool should be used to perform an application-based penetration test?
sniffing traffic tool
bypassing firewalls and IPSs tool
interception proxies tool
cracking wireless encryption tool
interception proxies tool
Which tools should be used to perform a wireless infrastructure penetration test?
web vulnerability detection tools
traffic manipulation tools
proxy interception tools
de-authorizing network devices tools
de-authorizing network devices tools
Which tools should be used for testing the server and client platforms in an environment?
cracking wireless encryption tools
vulnerability scanning tools
interception proxies tools
de-authorizing network devices tools
vulnerability scanning tools