Question

Threat modeling is a step of the Penetration Testing Execution Standard that is only done when performing a penetration test, not by an attacker.

A. True

B. False

Question 19 of 41

2.0 Points

If you were looking for historical financial information about a company, you want to check __________ database.

A. Lexis-Nexis

B. Dun & Bradstreet

C. Artemis

D. Whois

E. Either A or B

Question 20 of 41

2.0 Points

When gathering information about a firm, which of the following best describes OSINT (Open Source Intelligence)?

A. Data that can be gathered from public sources, which is very reliable.

B. Data that can be gathered from public sources, which may not be reliable.

C. Data that can be gathered from private sources, which is very reliable.

D. Data that can be gathered from private sources, which may not be reliable.

E. None of the above.

Question 21 of 41

2.0 Points

What can enumeration of a computer system discover?

A. Services

B. User accounts

C. Ports

D. Shares

E. All of the above

Question 22 of 41

2.0 Points

SSH can be used to:

A. Log in to remote machines

B. Forward arbitrary TCP ports between any two machines

C. Upload and download files from a remote machine

D. Create quick proxy servers

E. All of the above

Question 23 of 41

2.0 Points

What is the best description of footprinting?

A. Passive data gathering

B. Active scanning of phone numbers

C. Actively mapping an organization’s vulnerabilities

D. Using vulnerability scanners to map an organization

E. None of the above

Question 24 of 41

2.0 Points

Which of the following pieces of public information is likely to be useful in planning an attack?

A. Corporate directory

B. Corporate website’s “about us” page

C. Financial information

D. All of the above

E. A & C only

Question 25 of 41

2.0 Points

While testing a server for a firm, you find a severe vulnerability that you know can be easily fixed with a patch from the vendor. You have already gained administrator access to the machine in question. The vulnerability is outside the scope of your original test. You should:

A. Notify the company of the vulnerability, even though it's outside your scope.

B. Not notify the company of the vulnerability, because it's outside your scope.

C. Fix the vulnerability by downloading the patch and installing it.

D. Notify your colleagues so that they can have a laugh about the absurd security at the firm you're testing.

Explanation / Answer

FALSE
Threat modeling has two key traditional elements: assets and attacker. Each element is clearly identified and documented in every penetration test.

19) Answer: B

20) Answer: B

21) Answer: E

22) Answer: E

23) Answer: A

24) Answer: E

25) Answer: A
