Solution and Answer Guide: Wilson, PenTest+: Guide to Penetration Testing 2024,
Solution and Answer Guide WILSON, PENT EST+: GUIDE TO PENETRATION T ESTING 2024, 9780357950654;
MODULE 1-13 MODULE 01: INTRODUCTION TO PENETRATION TESTING
TABLE OF CONTENTS Review Questions ........................................................................................................................................ 1 Activities ...................................................................................................................................................... 5 Case Projects ............................................................................................................................................... 5
REVIEW QUESTIONS 1.
What are two other terms for penetration testing? a. Vulnerability testing b. Pen testing c. Ethical hacking d. Blue teaming Answer: b, c Penetration testing is also known as pen testing or ethical hacking and is an authorized series of security-related, non-malicious ―attacks‖ on targets such as computing devices, applications, or an organization‘s physical resources and personnel.
2.
The purpose of pen testing is to discover vulnerabilities in targets so that these vulnerabilities can be eliminated or mitigated. a. True b. False Answer: a The purpose of pen testing is to discover vulnerabilities in targets so that the vulnerabilities can be eliminated or mitigated before a threat actor with malicious intent exploits them to cause damage to systems, data, and the organization that owns them.
3.
Pen testing should be performed under which of the following circumstances? Choose all that apply. a. A new computer system has been installed. b. A new software system or an update to a software system has been installed. c. Following a regular schedule to make sure no unknown changes have impacted security. d. Performed as dictated by compliance standards such as PCI DSS. Answer: a, b, c, d
© 2022 Cengage. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.
1