CI 320 Final Review Exam Questions & Answers (Grade A+)
2.1 Penetration testing is the practice of finding vulnerabilities and
risks with the purpose of securing a computer or network.
Penetration testing falls under which all-encompassing term?
Red teaming
Blue teaming
Network scanning
Ethical hacking
Correct answer: ✅ Ethical Hacking
2.1 Heather is performing a penetration test. She has gathered a lot
of valuable information about her target already. Heather has used
some hacking tools to determine that, on her target network, a
computer named Production Workstation has port 445 open.
Which step in the ethical hacking methodology is Heather
performing?
Gain access
Reconnaissance
Scanning and enumeration
Maintain access
Correct answer: ✅ Scanning and enumeration
2.1 Which of the following is the third step in the ethical hacking
methodology?
Scanning and enumeration
Gain access
Reconnaissance
Clear your tracks
Correct answer: ✅ Gain access
2.1 Miguel is performing a penetration test on his client's web-
based application. Which penetration test frameworks should
Miguel utilize?
OWASP
ISO/IEC 27001
OSSTMM
NIST SP 800-115
Correct answer: ✅ OWASP
2.1 The penetration testing life cycle is a common methodology
used when performing a penetration test. This methodology is
almost identical to the ethical hacking methodology. Which of the
following is the key difference between these methodologies?
Reporting
Reconnaissance
Maintain access
Gain access
Correct answer: ✅ Reporting
2.1 You are executing an attack in order to simulate an outside
attack. Which type of penetration test are you performing?
Black hat
White box
White hat
Black box
Correct answer: ✅ Black box
2.1 Which of the following best describes a gray box penetration
test?
The ethical hacker is given full knowledge of the target or network.
The ethical hacker has partial information about the target or
network.
The ethical hacker has no information regarding the target or
network.
The ethical hacker is given strict guidelines about what can be
targeted.
Correct answer: ✅ The ethical hacker has partial information about
the target or network.
2.1 Randy was just hired as a penetration tester for the red team.
Which of the following best describes the red team?
Is responsible for establishing and implementing policies.
Acts as a pipeline between teams and can work on any side.
Is a team of specialists that focus on the organization's defensive
security.