Comptia Pentest+ 2023 Questions and answer - Part 57
1. Select the detailed process that identify security flaws and their locations.
A) Cross-compiling
B) Vulnerability Mapping
C) Exploit Modification
D) Cross-building
2. Which of the following is a process of finding all available information on a target system or service in support of developing a plan of attack?
A) Enumeration
B) Fingerprinting
C) Vulnerability Mapping
D) Vulnerability Scanning
3. Following are the vulnerability scanners commonly used in penetration testing, except __________________.
A) OpenVAS
B) Nessus
C) IDA
D) SQLmap
4. Which of the following maintains a list of known vulnerabilities including an identification number and description of those cybersecurity vulnerabilities?
A) CERT
B) CVE
C) CWE
D) CAPEC
5. Ricky is conducting a penetration test on a web application and is looking for potential vulnerabilities to exploit. Which of the following vulnerabilities does not commonly exist in web applications?
A) Cross-site Scripting
B) Buffer Overflow
C) VM Escape
D) SQL Injection
A) Cross-compiling
B) Vulnerability Mapping
C) Exploit Modification
D) Cross-building
2. Which of the following is a process of finding all available information on a target system or service in support of developing a plan of attack?
A) Enumeration
B) Fingerprinting
C) Vulnerability Mapping
D) Vulnerability Scanning
3. Following are the vulnerability scanners commonly used in penetration testing, except __________________.
A) OpenVAS
B) Nessus
C) IDA
D) SQLmap
4. Which of the following maintains a list of known vulnerabilities including an identification number and description of those cybersecurity vulnerabilities?
A) CERT
B) CVE
C) CWE
D) CAPEC
5. Ricky is conducting a penetration test on a web application and is looking for potential vulnerabilities to exploit. Which of the following vulnerabilities does not commonly exist in web applications?
A) Cross-site Scripting
B) Buffer Overflow
C) VM Escape
D) SQL Injection
1. Right Answer: B
Explanation: A dictionary attack uses existing wordlists that get expanded whenever real-world passwords are discovered.
2. Right Answer: A
Explanation: Vulnerability mapping is the process of detailing identified vulnerabilities and their locations, whether they are physical (no cameras or guards at a back entrance, for instance) or logical (such as SMBv1 being enabled on a Windows 2008 server).
3. Right Answer: C
Explanation: Enumeration is the process of finding all available information on a target system or service in support of developing a plan of attack.
4. Right Answer: B
Explanation: IDA or the Interactive Disassembler is a disassembly tool that can generate assembly language source code for an application that is the executable directly, and is not a vulnerability scanning tool.
5. Right Answer: C
Explanation: Common Vulnerabilities and Exposure (CVE) maintains the list of known vulnerabilities including an identification number and description of those cybersecurity vulnerabilities.
Explanation: A dictionary attack uses existing wordlists that get expanded whenever real-world passwords are discovered.
2. Right Answer: A
Explanation: Vulnerability mapping is the process of detailing identified vulnerabilities and their locations, whether they are physical (no cameras or guards at a back entrance, for instance) or logical (such as SMBv1 being enabled on a Windows 2008 server).
3. Right Answer: C
Explanation: Enumeration is the process of finding all available information on a target system or service in support of developing a plan of attack.
4. Right Answer: B
Explanation: IDA or the Interactive Disassembler is a disassembly tool that can generate assembly language source code for an application that is the executable directly, and is not a vulnerability scanning tool.
5. Right Answer: C
Explanation: Common Vulnerabilities and Exposure (CVE) maintains the list of known vulnerabilities including an identification number and description of those cybersecurity vulnerabilities.
Comments
0
CA Foundation Business Economics Questions 2023 - Part 32
03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 31
03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 30
03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 29
03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 28
03 Mar 2023
