Ethical Hacker Chapter 2 Test Questions and Answers

Ethical Hacker Chapter 2 Test Questions and Answers Penetration testing is the practice of finding vulnerabilities and risks with the purpose of securing a computer or network. Penetration testing falls under which all-encompassing term? - ANSWER Ethical Hacking Heather is performing a penetration test. She has gathered a lot of valuable information about her target already. Heather has used some hacking tools to determine that, on her target network, a computer named Production Workstation has port 445 open. Which step in the ethical hacking methodology is Heather performing? - ANSWER Scanning and enumeration Which of the following is the third step in the ethical hacking methodology? - ANSWER Gain access Miguel is performing a penetration test on his client's web-based application. Which penetration test frameworks should Miguel utilize? - ANSWER OWASP The penetration testing life cycle is a common methodology used when performing a penetration test. This methodology is almost identical to the ethical hacking methodology. Which of the following is the key difference between these methodologies? - ANSWER Reporting You are executing an attack in order to simulate an outside attack. Which type of penetration test are you performing? - ANSWER Black box Which of the following best describes a gray box penetration test? - ANSWER Which of the following best describes a gray box penetration test? Randy was just hired as a penetration tester for the red team. Which of the following best describes the red team? - ANSWER Performs offensive security tasks to test the network's security. The Stuxnet worm was discovered in 2010 and was used to gain sensitive information on Iran's industrial infrastructure. This worm was probably active for about five years before being discovered. During this time, the attacker had access to the target. Which type of attack was Stuxnet? - ANSWER APT