Chapter 1.4 Questions an der FernUniversität In Hagen | Karteikarten & Zusammenfassungen

Lernmaterialien für Chapter 1.4 Questions an der FernUniversität in Hagen

Greife auf kostenlose Karteikarten, Zusammenfassungen, Übungsaufgaben und Altklausuren für deinen Chapter 1.4 Questions Kurs an der FernUniversität in Hagen zu.

TESTE DEIN WISSEN

What is the primary difference between pen tests and vulnerability scans?

Lösung anzeigen
TESTE DEIN WISSEN

Vulnerability scans never use credentials

Lösung ausblenden
TESTE DEIN WISSEN

You've been asked to examine a custom web application your company is developing. You will have access to design documents, data structure descriptions, data flow diagrams, and any other details about the application you think would be useful. This is an example of what type of testing?

Lösung anzeigen
TESTE DEIN WISSEN

White box testing

Lösung ausblenden
TESTE DEIN WISSEN

You are attempting to perform an external vulnerability assessment for a client, but your source IP addresses keep getting blocked every time you attempt to run a vulnerability scan. The client confirms this is "as expected" behavior. You aren't able to scan for vulnerabilities , but you have been able to do which of the following?

Lösung anzeigen
TESTE DEIN WISSEN

Passively test securitly controls

Lösung ausblenden
TESTE DEIN WISSEN

A colleague shows you a scanning report indicating your web server is not vulnerable to the Heartbleed bug. You know this isn't true as you've personally verified that web server is vulnerable. You believe the scanner used to examine your web server is reporting which of the following?

Lösung anzeigen
TESTE DEIN WISSEN

False negative

Lösung ausblenden
TESTE DEIN WISSEN

You've been asked to examine network traffic for evidence of compromise. You have 1TB of tcpdump logs to review. Which of the following tools would you use to examine these logs?

Lösung anzeigen
TESTE DEIN WISSEN

Nmap

Lösung ausblenden
TESTE DEIN WISSEN

A colleague calls you to ask for assistance. He is having trouble keeping an attacker out of his network. He tells you no matter what he tries, he can't seem to keep the attacker out of his network and he has no idea how the attacker keeps getting in. This is an example of what kind of attack?

Lösung anzeigen
TESTE DEIN WISSEN

Whack-a-mole attack

Lösung ausblenden
TESTE DEIN WISSEN

Your network traffic logs show a large spike in traffic to your DNS server. Looking at the logs, you see a large number of TCP connection attempts from a single IP address. The destination port of the TCP connections seems to increment by one with each new connection attempt. This is most likely an example of what activity?

Lösung anzeigen
TESTE DEIN WISSEN

Initial exploitation

Lösung ausblenden
TESTE DEIN WISSEN

Which of the following would be an example of initial exploitation?

Lösung anzeigen
TESTE DEIN WISSEN

Using a SQL injection attack to successfully bypass a login prompt

Lösung ausblenden
TESTE DEIN WISSEN

Which of the following is a passive tool?

Lösung anzeigen
TESTE DEIN WISSEN

Zenmap

Lösung ausblenden
TESTE DEIN WISSEN

What is the main difference between a credentialed and non-credentialed vulnerabiltiy scan?

Lösung anzeigen
TESTE DEIN WISSEN

A credentialed scan is performed with a vaild userid/password

Lösung ausblenden
TESTE DEIN WISSEN

While validating a vulnerability, your colleague changes the password of the administrator account on the Windows Server she is examining (as proof of success). This is an example of what type of testing?

Lösung anzeigen
TESTE DEIN WISSEN

Intrusive testing

Lösung ausblenden
TESTE DEIN WISSEN

You've been asked to perform an assessment of a new software application. Your client wants you to perform the assessment without providing you any information about how the software was developed or how the data is processed by the application. This is an example of what type of testing?

Lösung anzeigen
TESTE DEIN WISSEN

Black box testing

Lösung ausblenden
  • 245097 Karteikarten
  • 6456 Studierende
  • 92 Lernmaterialien

Beispielhafte Karteikarten für deinen Chapter 1.4 Questions Kurs an der FernUniversität in Hagen - von Kommilitonen auf StudySmarter erstellt!

Q:

What is the primary difference between pen tests and vulnerability scans?

A:

Vulnerability scans never use credentials

Q:

You've been asked to examine a custom web application your company is developing. You will have access to design documents, data structure descriptions, data flow diagrams, and any other details about the application you think would be useful. This is an example of what type of testing?

A:

White box testing

Q:

You are attempting to perform an external vulnerability assessment for a client, but your source IP addresses keep getting blocked every time you attempt to run a vulnerability scan. The client confirms this is "as expected" behavior. You aren't able to scan for vulnerabilities , but you have been able to do which of the following?

A:

Passively test securitly controls

Q:

A colleague shows you a scanning report indicating your web server is not vulnerable to the Heartbleed bug. You know this isn't true as you've personally verified that web server is vulnerable. You believe the scanner used to examine your web server is reporting which of the following?

A:

False negative

Q:

You've been asked to examine network traffic for evidence of compromise. You have 1TB of tcpdump logs to review. Which of the following tools would you use to examine these logs?

A:

Nmap

Mehr Karteikarten anzeigen
Q:

A colleague calls you to ask for assistance. He is having trouble keeping an attacker out of his network. He tells you no matter what he tries, he can't seem to keep the attacker out of his network and he has no idea how the attacker keeps getting in. This is an example of what kind of attack?

A:

Whack-a-mole attack

Q:

Your network traffic logs show a large spike in traffic to your DNS server. Looking at the logs, you see a large number of TCP connection attempts from a single IP address. The destination port of the TCP connections seems to increment by one with each new connection attempt. This is most likely an example of what activity?

A:

Initial exploitation

Q:

Which of the following would be an example of initial exploitation?

A:

Using a SQL injection attack to successfully bypass a login prompt

Q:

Which of the following is a passive tool?

A:

Zenmap

Q:

What is the main difference between a credentialed and non-credentialed vulnerabiltiy scan?

A:

A credentialed scan is performed with a vaild userid/password

Q:

While validating a vulnerability, your colleague changes the password of the administrator account on the Windows Server she is examining (as proof of success). This is an example of what type of testing?

A:

Intrusive testing

Q:

You've been asked to perform an assessment of a new software application. Your client wants you to perform the assessment without providing you any information about how the software was developed or how the data is processed by the application. This is an example of what type of testing?

A:

Black box testing

Chapter 1.4 Questions

Erstelle und finde Lernmaterialien auf StudySmarter.

Greife kostenlos auf tausende geteilte Karteikarten, Zusammenfassungen, Altklausuren und mehr zu.

Jetzt loslegen

Das sind die beliebtesten StudySmarter Kurse für deinen Studiengang Chapter 1.4 Questions an der FernUniversität in Hagen

Für deinen Studiengang Chapter 1.4 Questions an der FernUniversität in Hagen gibt es bereits viele Kurse, die von deinen Kommilitonen auf StudySmarter erstellt wurden. Karteikarten, Zusammenfassungen, Altklausuren, Übungsaufgaben und mehr warten auf dich!

Das sind die beliebtesten Chapter 1.4 Questions Kurse im gesamten StudySmarter Universum

questions

Universität Regensburg

Zum Kurs

Die all-in-one Lernapp für Studierende

Greife auf Millionen geteilter Lernmaterialien der StudySmarter Community zu
Kostenlos anmelden Chapter 1.4 Questions
Erstelle Karteikarten und Zusammenfassungen mit den StudySmarter Tools
Kostenlos loslegen Chapter 1.4 Questions