Question 1

At which level of penetration testing are testers given limited knowledge of the network and some elevated privileges?

Accepted Answer

A)  Gray box 
B)  White box 
C)  Black box 
D)  Yellow box 
A)  Gray box 
B)  White box 
C)  Black box 
D)  Yellow box A

Question 2

What is the process of turning binary machine language back into source code?

Accepted Answer

A)  Reverse engineering 
B)  Disassembling 
C)  Decomposition 
D)  Decompensation 
A)  Reverse engineering 
B)  Disassembling 
C)  Decomposition 
D)  Decompensation C

Question 3

Which of the following is not considered an advantage of contracting with an external third party to conduct a penetration test?

Accepted Answer

A)  Expertise 
B)  Focus 
C)  Experience 
D)  Cost 
A)  Expertise 
B)  Focus 
C)  Experience 
D)  Cost D

Question 4

______________ bias tends to discount future risks and gains in favor of immediate gratification.

Accepted Answer

The answer of ______________ bias tends to discount future risks...

Question 5

What term describes an expansion of a test beyond the initial set of the test's limitations?

Accepted Answer

The answer of What term describes an expansion of a...

Question 6

Which of the following biases involves making a decision before investigating and then only looking for data that supports the theory?

Accepted Answer

A)  Present bias 
B)  Framing effect 
C)  Confirmation bias 
D)  Availability bias 
A)  Present bias 
B)  Framing effect 
C)  Confirmation bias 
D)  Availability bias

Question 7

A risk matrix is a visual color-coded tool that lists the impact and likelihood of risks.

Accepted Answer

A) True 
 B)False

Question 8

Which of the following is the isolation of malware from interaction with a computer's operating system, hardware, and files?

Accepted Answer

A)  Disassembling 
B)  Sandboxing 
C)  Decompiling 
D)  Reverse engineering 
A)  Disassembling 
B)  Sandboxing 
C)  Decompiling 
D)  Reverse engineering

Question 9

For software, a digital representation or _______________ of the original file can be created and then compared against a later version of the file; if the two versions match, the code has not changed.

Accepted Answer

The answer of For software, a digital representation or _______________...

Question 10

What term describes a network of vendors, manufacturers, and distributors that move a product from the supplier to the customer?

Accepted Answer

The answer of What term describes a network of vendors,...

At which level of penetration testing are testers given limited knowledge of the network and some elevated privileges?

What is the process of turning binary machine language back into source code?

Which of the following is not considered an advantage of contracting with an external third party to conduct a penetration test?

______________ bias tends to discount future risks and gains in favor of immediate gratification.

What term describes an expansion of a test beyond the initial set of the test's limitations?

Which of the following biases involves making a decision before investigating and then only looking for data that supports the theory?

A risk matrix is a visual color-coded tool that lists the impact and likelihood of risks.

Which of the following is the isolation of malware from interaction with a computer's operating system, hardware, and files?

For software, a digital representation or _______________ of the original file can be created and then compared against a later version of the file; if the two versions match, the code has not changed.

What term describes a network of vendors, manufacturers, and distributors that move a product from the supplier to the customer?

Applying Environmental Reconnaissance

Analyzing Network Reconnaissance

Strengthening the Network

Scanning for Vulnerabilities

Analyzing Vulnerability Scans and Identifying Common Vulnerabilities

Reacting to a Cyber Incident: Impact and Forensics

Reacting to a Cyber Incident: Communication and Incident Recovery

Reacting to a Cyber Incident: Analyzing Common Symptoms

Security Structures and Identity and Access Management

Defense in Depth, Software Development, and Data Analytics

Filters

Exam 4: Exploring Penetration Testing

At which level of penetration testing are testers given limited knowledge of the network and some elevated privileges?

What is the process of turning binary machine language back into source code?

Which of the following is not considered an advantage of contracting with an external third party to conduct a penetration test?

______________ bias tends to discount future risks and gains in favor of immediate gratification.

What term describes an expansion of a test beyond the initial set of the test's limitations?

Which of the following biases involves making a decision before investigating and then only looking for data that supports the theory?

A risk matrix is a visual color-coded tool that lists the impact and likelihood of risks.

Which of the following is the isolation of malware from interaction with a computer's operating system, hardware, and files?

For software, a digital representation or _______________ of the original file can be created and then compared against a later version of the file; if the two versions match, the code has not changed.

What term describes a network of vendors, manufacturers, and distributors that move a product from the supplier to the customer?

Applying Environmental Reconnaissance

Analyzing Network Reconnaissance

Strengthening the Network

Scanning for Vulnerabilities

Analyzing Vulnerability Scans and Identifying Common Vulnerabilities

Reacting to a Cyber Incident: Impact and Forensics

Reacting to a Cyber Incident: Communication and Incident Recovery

Reacting to a Cyber Incident: Analyzing Common Symptoms

Security Structures and Identity and Access Management

Defense in Depth, Software Development, and Data Analytics

Filters