INMT 441 Module 8 Exam 2026
Questions and Answers Graded A+
penetration testing - Correct answer-attempts to exploit vulnerabilities just as a
threat actor would
vulnerability scanning - Correct answer-a process that uses automated tools to
identify and evaluate security weaknesses in an organization's IT systems,
networks, and software.
Security Information and Event Management (SIEM) - Correct answer-a
cybersecurity solution that collects, analyzes, and correlates security data from
various sources to detect threats, provide real-time monitoring, and support
incident response.
active scanning - Correct answer-sends test traffic transmissions into the network
and monitors the responses of the endpoints.
passive scanning - Correct answer-does not send any transmissions but instead
listens for normal traffic to gather the necessary information.
©COPYRIGHT 2026, ALL RIGHTS RESERVED 1
, default credentials testing - Correct answer-The scanner attempts to establish
connections with network devices (e.g., routers, switches, firewalls) using common
factory default usernames and passwords (e.g., admin/password).
web application fuzzing - Correct answer-the scanner automatically submits strings
of unusual characters, excessively long data, or special characters to web
application input fields to check for input validation errors
active scanning examples - Correct answer-port scanning, web application fuzzing,
default credentials testing
passive scanning examples - Correct answer-Monitoring network traffic for
outdated software
Spotting insecure protocols in live traffic
Detecting rogue WiFi or unauthorized devices
Identifying open ports only from observed traffic
Finding shadow IT and unmanaged endpoints
internal scanning - Correct answer-Scanning for security issues from inside a
company's own network, like looking for weaknesses that an employee or device
inside could exploit.
©COPYRIGHT 2026, ALL RIGHTS RESERVED 2
Questions and Answers Graded A+
penetration testing - Correct answer-attempts to exploit vulnerabilities just as a
threat actor would
vulnerability scanning - Correct answer-a process that uses automated tools to
identify and evaluate security weaknesses in an organization's IT systems,
networks, and software.
Security Information and Event Management (SIEM) - Correct answer-a
cybersecurity solution that collects, analyzes, and correlates security data from
various sources to detect threats, provide real-time monitoring, and support
incident response.
active scanning - Correct answer-sends test traffic transmissions into the network
and monitors the responses of the endpoints.
passive scanning - Correct answer-does not send any transmissions but instead
listens for normal traffic to gather the necessary information.
©COPYRIGHT 2026, ALL RIGHTS RESERVED 1
, default credentials testing - Correct answer-The scanner attempts to establish
connections with network devices (e.g., routers, switches, firewalls) using common
factory default usernames and passwords (e.g., admin/password).
web application fuzzing - Correct answer-the scanner automatically submits strings
of unusual characters, excessively long data, or special characters to web
application input fields to check for input validation errors
active scanning examples - Correct answer-port scanning, web application fuzzing,
default credentials testing
passive scanning examples - Correct answer-Monitoring network traffic for
outdated software
Spotting insecure protocols in live traffic
Detecting rogue WiFi or unauthorized devices
Identifying open ports only from observed traffic
Finding shadow IT and unmanaged endpoints
internal scanning - Correct answer-Scanning for security issues from inside a
company's own network, like looking for weaknesses that an employee or device
inside could exploit.
©COPYRIGHT 2026, ALL RIGHTS RESERVED 2
