If you were to see that someone was using OpenVAS, followed by Nessus, what
might you assume? - ANSWER They were trying to reduce false positives.
What is the difference between a false positive and a false negative? -
ANSWER A false positive indicates a finding that doesn't exist, while a false
negative doesn't indicate a finding that does exist.
Which of these may be considered worst practice when it comes to vulnerability
scans? - ANSWER Taking no action on the results
Which of these may be considered an evasive technique? - ANSWER
Encoding data
If you were to notice operating system commands inside a DNS request while
looking at a packet capture, what might you be looking at? - ANSWER
Tunneling attack
What would be a reason to use the Override feature in OpenVAS? - ANSWER
You want to change a severity rating on a finding.
What would you use credentials for in a vulnerability scanner? - ANSWER
Scanning for local vulnerabilities
What is fragroute primarily used for? - ANSWER Fragmenting application
traffic
Olivia, a black hat hacker, captures the information transmitted by the remote
host to expose the application type, application version, and even operating
system type and version. Which of the following techniques will she use to
obtain information about the target system? - ANSWER Banner grabbing
Which of the following tools is used to scan for vulnerabilities on a target
system or a network? - ANSWER Nessus
, Laura, a penetration tester, is asked to identify which services and desktops
have missing security patches. Which of the following will she use to
accomplish the task? - ANSWER Vulnerability scanner
Marry, a deployment manager, works with a software development group to
assess the security of a new version of the organization's internally developed
ERP tool. The organization prefers focusing on assessing security throughout
the life cycle. Which of the following methods should she perform to assess the
security of the product? - ANSWER Vulnerability scanning of the production
environment
Which of the following are the countermeasures for port scanning? Each correct
answer represents a complete solution. Choose all that apply. - ANSWER
Configure firewall and IDS rules to detect and block probes.
Ensure that anti-scanning and anti-spoofing rules are configured.
Filter all ICMP messages at the firewalls and router.
You are hired to perform a technical assessment on the network for discovering
vulnerabilities on a Windows-based computer. Which of the following tools
will you use? - ANSWER Nessus
Juan, a penetration tester, is asked to perform a penetration test from an external
IP address with no prior knowledge of the internal IT systems. What kind of test
will Juan perform? - ANSWER Black box
Who is the creator of Metasploit? - ANSWER HD Moore
What is Phrack? Select all that apply - ANSWER longest-running hacker
magazine at the time
IRC chat room
T or F: The biggest issue penetration testers faced in the 90s was getting the
necessary exploits to demonstrate machine vulnerabilities - ANSWER T
What is Metasploit? - ANSWER An exploit toolkit
might you assume? - ANSWER They were trying to reduce false positives.
What is the difference between a false positive and a false negative? -
ANSWER A false positive indicates a finding that doesn't exist, while a false
negative doesn't indicate a finding that does exist.
Which of these may be considered worst practice when it comes to vulnerability
scans? - ANSWER Taking no action on the results
Which of these may be considered an evasive technique? - ANSWER
Encoding data
If you were to notice operating system commands inside a DNS request while
looking at a packet capture, what might you be looking at? - ANSWER
Tunneling attack
What would be a reason to use the Override feature in OpenVAS? - ANSWER
You want to change a severity rating on a finding.
What would you use credentials for in a vulnerability scanner? - ANSWER
Scanning for local vulnerabilities
What is fragroute primarily used for? - ANSWER Fragmenting application
traffic
Olivia, a black hat hacker, captures the information transmitted by the remote
host to expose the application type, application version, and even operating
system type and version. Which of the following techniques will she use to
obtain information about the target system? - ANSWER Banner grabbing
Which of the following tools is used to scan for vulnerabilities on a target
system or a network? - ANSWER Nessus
, Laura, a penetration tester, is asked to identify which services and desktops
have missing security patches. Which of the following will she use to
accomplish the task? - ANSWER Vulnerability scanner
Marry, a deployment manager, works with a software development group to
assess the security of a new version of the organization's internally developed
ERP tool. The organization prefers focusing on assessing security throughout
the life cycle. Which of the following methods should she perform to assess the
security of the product? - ANSWER Vulnerability scanning of the production
environment
Which of the following are the countermeasures for port scanning? Each correct
answer represents a complete solution. Choose all that apply. - ANSWER
Configure firewall and IDS rules to detect and block probes.
Ensure that anti-scanning and anti-spoofing rules are configured.
Filter all ICMP messages at the firewalls and router.
You are hired to perform a technical assessment on the network for discovering
vulnerabilities on a Windows-based computer. Which of the following tools
will you use? - ANSWER Nessus
Juan, a penetration tester, is asked to perform a penetration test from an external
IP address with no prior knowledge of the internal IT systems. What kind of test
will Juan perform? - ANSWER Black box
Who is the creator of Metasploit? - ANSWER HD Moore
What is Phrack? Select all that apply - ANSWER longest-running hacker
magazine at the time
IRC chat room
T or F: The biggest issue penetration testers faced in the 90s was getting the
necessary exploits to demonstrate machine vulnerabilities - ANSWER T
What is Metasploit? - ANSWER An exploit toolkit
