10 p QUESTION 23 Which of the following is not included in the attack phase of p

Question

10 p QUESTION 23 Which of the following is not included in the attack phase of penetration testing? O The pen tester installs tools to get information on vulnerabilties. The pen tester gathers information about host names and IP addresses The pen tester browses the system to identify ways to get additional access. The pen tester escalates privileges beyond the regular user QUESTION 24 5 p Imagine that a breach of the system prevents a store's point-of-sale device from accessing the bank network to verify purchases. If some purchases are allowed to continue if they are under a specified dollar amount, then we can say the store's system is fail-secure. True False

Explanation / Answer

Question 23: The pen tester gathers information about host names and IP addresses. This is because while in the attack phase, this data has already been procured before.
Question 24: False. This is because there's a risk of selling an item to a credit card which was already maxed out, and for which the store won't be paid.

Related Questions

Navigate

• Browse (All)
• Browse 1
• Subjects

---

---

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.