Chapter 6
Security Assessment and Testing (Domain 6)
1. During a port scan, Susan discovers a system running services on TCP and UDP 137-139 and TCP 445, as well as TCP 1433. What type of system is she likely to find if she connects to the machine?
A. A Linux email server
B. A Windows SQL server
C. A Linux file server
D. A Windows workstation

2. Which of the following is a method used to design new software tests and to ensure the quality of tests?
A. Code auditing
B. Static code analysis
C. Regression testing
D. Mutation testing

3. During a port scan, Lauren found TCP port 443 open on a system. Which tool is best suited to scanning the service that is most likely running on that port?
A. zzuf
B. Nikto
C. Metasploit
D. sqlmap

4. What message logging standard is commonly used by network devices, Linux and Unix systems, and many other enterprise devices?
A. Syslog
B. Netlog
C. Eventlog
D. Remote Log Protocol (RLP)

5. Alex wants to use an automated tool to fill web application forms to test for format string vulnerabilities. What type of tool should he use?
A. A black box
B. A brute-force tool
C. A fuzzer
D. A static analysis tool

6. Susan needs to scan a system for vulnerabilities, and she wants to use an open source tool to test the system remotely. Which of the following tools will meet her requirements and allow vulnerability scanning?
A. Nmap
B. OpenVAS
C. MBSA
D. Nessus

7. NIST Special Publication 800-53A describes four major types of assessment objects that can be used to identify items being assessed. If the assessment covers IPS devices, which of the types of assessment objects is being assessed?
A. A specification
B. A mechanism
C. An activity
D. An individual

8. Jim has been contracted to perform a penetration test of a bank's primary branch. In order to make the test as real as possible, he has not been given any information about the bank other than its name and address. What type of penetration test has Jim agreed to perform?
A. A crystal box penetration test
B. A gray box penetration test
C. A black box penetration test
D. A white box penetration test

9. As part of a penetration test, Alex needs to determine if there are web servers that could suffer from the 2014 Heartbleed bug. What type of tool could he use, and what should he check to verify that the tool can identify the problem?
A. A vulnerability scanner, to see whether the scanner has a signature or test for the Heartbleed CVE number
B. A port scanner, to see whether the scanner properly identifies SSL connections
C. A vulnerability scanner, to see whether the vulnerability scanner detects problems with the Apache web server
D. A port scanner, to see whether the port scanner supports TLS connections

10. In a response to a Request for Proposal, Susan receives a SAS 70 Type 1 report. If she wants a report that includes operating effectiveness detail, what should Susan ask for as follow-up and why?
A. An SAS 70 Type II, because Type I only covers a single point in time
B. An SOC Type 1, because Type II does not cover operating effectiveness
C. An SOC Type 2, because Type I does not cover operating effectiveness
D. An SAS 70 Type 3, because Types 1 and 2 are outdated and no longer accepted

11. During a wireless network penetration test, Susan runs aircrack-ng against the network using a password file. What might cause her to fail in her password cracking efforts?
A. Use of WPA2 encryption
B. Running WPA2 in Enterprise mode
C. Use of WEP encryption
D. Running WPA2 in PSK mode

12. Which type of SOC report is best suited to provide assurance to users about an organization's security, availability, and the integrity of their service operations?
A. An SOC 1 Type 2 report
B. An SOC 2 report
C. An SOC 3 report
D. An SOC 1 Type 1 report

13. What type of testing is used to ensure that separately developed software modules properly exchange data?
A. Fuzzing
B. Dynamic testing
C. Interface testing
D. API checksums

14. Which of the following is not a potential problem with active wireless scanning?
A. Accidentally scanning apparent rogue devices that actually belong to guests
B. Causing alarms on the organization's wireless IPS
C. Scanning devices that belong to nearby organizations
D. Misidentifying rogue devices

15. Ben uses a fuzzing tool that develops data models and creates fuzzed data based on information about how the application uses data to test the application. What type of fuzzing is Ben doing?
A. Mutation
B. Parametric
C. Generational
D. Derivative

16. Saria wants to log and review traffic information between parts of her network. What type of network logging should she enable on her routers to allow her to perform this analysis?
A. Audit logging
B. Flow logging
C. Trace logging
D. Route logging

17. Jim has been contracted to conduct a gray box penetration test, and his clients have provided him with the following information about their networks so that he can scan them.
Data center: 10.10.10.0/24
Sales: 10.10.11.0/24
Billing: 10.10.12.0/24
Wireless: 192.168.0.0/16
What problem will Jim encounter if he is contracted to conduct a scan from offsite?
A. The IP ranges are too large to scan efficiently.
B. The IP addresses provided cannot be scanned.
C. The IP ranges overlap and will cause scanning issues.
D. The IP addresses provided are RFC 1918 addresses.

18. Karen's organization has been performing system backups for years but has not used the backups frequently. During a recent system outage, when administrators tried to restore from backups they found that the backups had errors and could not be restored. Which of the following options should Karen avoid when selecting ways to ensure that her organization's backups will work next time?
A. Log review
B. MTD verification
C. Hashing
D. Periodic testing

Questions 19, 20, and 21 refer to the following scenario.

The company that Jennifer works for has implemented a central logging infrastructure, as shown in the following image. Use this diagram and your knowledge of logging systems to answer the following questions.

19. Jennifer needs to ensure that all Windows systems provide identical logging information to the SIEM. How can she best ensure that all Windows desktops have the same log settings?
A. Perform periodic configuration audits.
B. Use Group Policy.
C. Use Local Policy.
D. Deploy a Windows syslog client.

20. During normal operations, Jennifer's team uses the SIEM appliance to monitor for exceptions received via syslog. What system shown does not natively have support for syslog events?
A. Enterprise wireless access points
B. Windows desktop systems
C. Linux web servers
D. Enterprise firewall devices

21. What technology should an organization use for each of the devices shown in the diagram to ensure that logs can be time sequenced across the entire infrastructure?
A. Syslog
B. NTP
C. Logsync
D. SNAP

22. During a penetration test, Danielle needs to identify systems, but she hasn't gained sufficient access on the system she is using to generate raw packets. What type of scan should she run to verify the most open services?
A. A TCP connect scan
B. A TCP SYN scan
C. A UDP scan
D. An ICMP scan

23. During a port scan using nmap, Joseph discovers that a system shows two ports open that cause him immediate worry:
21/open
23/open
What services are likely running on those ports?
A. SSH and FTP
B. FTP and Telnet
C. SMTP and Telnet
D. POP3 and SMTP

24. Saria's team is working to persuade their management that their network has extensive vulnerabilities that attackers could exploit. If she wants to conduct a realistic attack as part of a penetration test, what type of penetration test should she conduct?
A. Crystal box
B. Gray box
C. White box
D. Black box

25. What method is commonly used to assess how well software testing covered the potential uses of an application?
A. A test coverage analysis
B. A source code review
C. A fuzz analysis
D. A code review report

26. Testing that is focused on functions that a system should not allow is an example of what type of testing?
A. Use case testing
B. Manual testing
C. Misuse case testing
D. Dynamic testing

27. What type of monitoring uses simulated traffic to a website to monitor performance?
A. Log analysis
B. Synthetic monitoring
C. Passive monitoring
D. Simulated transaction analysis

28. Which of the following vulnerabilities is unlikely to be found by a web vulnerability scanner?
A. Path disclosure
B. Local file inclusion
C. Race condition
D. Buffer overflow

29. Jim uses a tool that scans a system for available services, then connects to them to collect banner information to determine what version of the service is running. It then provides a report detailing what it gathers, basing results on service fingerprinting, banner information, and similar details it gathers combined with CVE information. What type of tool is Jim using?
A. A port scanner
B. A service validator
C. A vulnerability scanner
D. A patch management tool

30. Emily builds a script that sends data to a web application that she is testing. Each time the script runs, it sends a series of transactions with data that fits the expected requirements of the web application to verify that it responds to typical customer behavior. What type of transactions is she using, and what type of test is this?
A. Synthetic, passive monitoring
B. Synthetic, use case testing
C. Actual, dynamic monitoring
D. Actual, fuzzing

31. What passive monitoring technique records all user interaction with an application or website to ensure quality and performance?
A. Client/server testing
B. Real user monitoring
C. Synthetic user monitoring
D. Passive user recording

32. Earlier this year, the information security team at Jim's employer identified a vulnerability in the web server that Jim is responsible for maintaining. He immediately applied the patch and is sure that it installed properly, but the vulnerability scanner has continued to flag the system as vulnerable even though Jim is sure the patch is installed. Which of the following options is Jim's best choice to deal with the issue?
A. Uninstall and reinstall the patch.
B. Ask the information security team to flag the system as patched and not vulnerable.
C. Update the version information in the web server's configuration.
D. Review the vulnerability report and use alternate remediation instructions if they are provided.

33. Angela wants to test a web browser's handling of unexpected data using an automated tool. What tool should she choose?
A. Nmap
B. zzuf
C. Nessus
D. Nikto
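Questions 15 and 33 turn on the difference between mutation-based fuzzing (random edits to known-good inputs) and generational fuzzing (inputs synthesised from a model of the format), and question 83 asks whether a fuzzer can reproduce what it finds. The following Python is an added example, not code from the book: it runs both strategies against a small, deliberately faulty record parser constructed for this illustration, with a fixed RNG seed so that every crash can be replayed. The record format, the planted fault and the seed corpus are all assumptions made here.

```python
import random
import struct


def parse_record(data: bytes) -> tuple:
    """Constructed target (not from the book): a length-prefixed record parser.

    Format: 2-byte big-endian length, 1-byte type, then `length` body bytes.
    Planted fault: type 0xFF reads an 'extended length' from body[0] without
    checking that the body is non-empty, so a zero-length 0xFF record raises
    IndexError instead of the ValueError the parser uses for rejected input.
    """
    if len(data) < 3:
        raise ValueError("short header")
    length, rtype = struct.unpack(">HB", data[:3])
    body = data[3:3 + length]
    if len(body) != length:
        raise ValueError("truncated body")
    if rtype == 0xFF:
        ext = body[0]  # the planted out-of-bounds read
        return ("ext", body[1:1 + ext])
    return ("std", body)


def mutate(seed: bytes, rng: random.Random) -> bytes:
    """Mutation fuzzing: a few random edits to a known-good sample input."""
    buf = bytearray(seed)
    for _ in range(rng.randint(1, 4)):
        op = rng.choice(("flip", "insert", "delete", "magic"))
        if op == "flip" and buf:
            i = rng.randrange(len(buf))
            buf[i] ^= 1 << rng.randrange(8)
        elif op == "insert":
            buf.insert(rng.randint(0, len(buf)), rng.randrange(256))
        elif op == "delete" and buf:
            del buf[rng.randrange(len(buf))]
        elif op == "magic" and len(buf) >= 2:
            # overwrite two bytes with values that matter to length/type fields
            i = rng.randrange(len(buf) - 1)
            buf[i:i + 2] = rng.choice((b"\x00\x00", b"\xff\xff", b"\x7f\xff", b"\x00\xff"))
    return bytes(buf)


def generate(rng: random.Random) -> bytes:
    """Generational fuzzing: build inputs from a model of the format, picking
    boundary values for each field rather than editing existing samples."""
    length = rng.choice((0, 1, 2, 255, 256, 65535))
    rtype = rng.choice((0x00, 0x01, 0x7F, 0xFF))
    body = bytes(rng.randrange(256) for _ in range(min(length, 300)))
    return struct.pack(">HB", length, rtype) + body


def fuzz(strategy: str, iterations: int, seed: int = 1) -> list:
    """Run one strategy for `iterations` cases; return (iteration, input, fault)
    for every case that crashed. ValueError is the parser rejecting input as
    designed; any other exception is a fault worth a bug report."""
    rng = random.Random(seed)  # fixed seed: the same run reproduces the same crashes
    corpus = [b"\x00\x05\x01hello", b"\x00\x03\xff\x02ab"]  # constructed valid samples
    crashes = []
    for i in range(iterations):
        data = mutate(rng.choice(corpus), rng) if strategy == "mutation" else generate(rng)
        try:
            parse_record(data)
        except ValueError:
            continue
        except Exception as exc:  # a fuzzer wants every other fault type
            crashes.append((i, data, type(exc).__name__))
    return crashes


def replay(data: bytes):
    """Re-run one saved crashing input on its own; returns the fault name or None."""
    try:
        parse_record(data)
    except ValueError:
        return None
    except Exception as exc:
        return type(exc).__name__
    return None


if __name__ == "__main__":
    for strategy, n in (("mutation", 2000), ("generation", 500)):
        found = fuzz(strategy, n)
        if found:
            print(f"{strategy}: {len(found)} crashes in {n} cases; first input {found[0][1]!r}")
        else:
            print(f"{strategy}: no crashes in {n} cases")
```

The generational strategy reaches the fault quickly because its model knows that the length field and the type byte are the interesting places; the mutation strategy gets there too, but only through the two-byte "magic" edits that happen to land on those fields. Saving each crashing input alongside the seed is what makes the finding reproducible for the developer who has to fix it.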
34. STRIDE, which stands for Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege, is useful in what part of application threat modeling?
A. Vulnerability assessment
B. Misuse case testing
C. Threat categorization
D. Penetration test planning

35. Why should passive scanning be conducted in addition to implementing wireless security technologies like wireless intrusion detection systems?
A. It can help identify rogue devices.
B. It can test the security of the wireless network via scripted attacks.
C. Their short dwell time on each wireless channel can allow them to capture more packets.
D. They can help test wireless IDS or IPS systems.

36. During a penetration test, Lauren is asked to test the organization's Bluetooth security. Which of the following is not a concern she should explain to her employers?
A. Bluetooth scanning can be time-consuming.
B. Many devices that may be scanned are likely to be personal devices.
C. Bluetooth passive scans may require multiple visits at different times to identify all targets.
D. Bluetooth active scans can't evaluate the security mode of Bluetooth devices.

37. What term describes software testing that is intended to uncover new bugs introduced by patches or configuration changes?
A. Nonregression testing
B. Evolution testing
C. Smoke testing
D. Regression testing

38. Which of the tools cannot identify a target's operating system for a penetration tester?
A. Nmap
B. Nessus
C. Nikto
D. sqlmap

39. Susan needs to predict high-risk areas for her organization and wants to use metrics to assess risk trends as they occur. What should she do to handle this?
A. Perform yearly risk assessments.
B. Hire a penetration testing company to regularly test organizational security.
C. Identify and track key risk indicators.
D. Monitor logs and events using a SIEM device.

40. What major difference separates synthetic and passive monitoring?
A. Synthetic monitoring only works after problems have occurred.
B. Passive monitoring cannot detect functionality issues.
C. Passive monitoring only works after problems have occurred.
D. Synthetic monitoring cannot detect functionality issues.

41. Chris uses the standard penetration testing methodology shown here. Use this methodology and your knowledge of penetration testing to answer the following questions about tool usage during a penetration test.
What task is the most important during Phase 1, Planning?
A. Building a test lab
B. Getting authorization
C. Gathering appropriate tools
D. Determining if the test is white, black, or gray box

42. Which of the following tools is most likely to be used during discovery?
A. Nessus
B. john
C. Nmap
D. Nikto

43. Which of these concerns is the most important to address during planning to ensure the reporting phase does not cause problems?
A. Which CVE format to use
B. How the vulnerability data will be stored and sent
C. Which targets are off-limits
D. How long the report should be

44. What four types of coverage criteria are commonly used when validating the work of a code testing suite?
A. Input, statement, branch, and condition coverage
B. Function, statement, branch, and condition coverage
C. API, branch, bounds, and condition coverage
D. Bounds, branch, loop, and condition coverage

45. As part of his role as a security manager, Jacob provides the following chart to his organization's management team. What type of measurement is he providing for them?
A. A coverage rate measure
B. A key performance indicator
C. A time to live metric
D. A business criticality indicator

46. What does using unique user IDs for all users provide when reviewing logs?
A. Confidentiality
B. Integrity
C. Availability
D. Accountability

47. Which of the following is not an interface that is typically tested during the software testing process?
A. APIs
B. Network interfaces
C. UIs
D. Physical interfaces

48. What protocol is used to handle vulnerability management data?
A. VML
B. SVML
C. SCAP
D. VSCAP

49. Misconfiguration, logical and functional flaws, and poor programming practices are all causes of what type of issue?
A. Fuzzing
B. Security vulnerabilities
C. Buffer overflows
D. Race conditions

50. Which of the following strategies should not be used to handle a vulnerability identified by a vulnerability scanner?
A. Install a patch.
B. Use a workaround fix.
C. Update the banner or version number.
D. Use an application layer firewall or IPS to prevent attacks against the identified vulnerability.

51. During a penetration test Saria calls her target's help desk claiming to be the senior assistant to an officer of the company. She requests that the help desk reset the officer's password because of an issue with his laptop while traveling and persuades them to do so. What type of attack has she successfully completed?
A. Zero knowledge
B. Help desk spoofing
C. Social engineering
D. Black box

52. In this image, what issue may occur due to the log handling settings?
A. Log data may be lost when the log is archived.
B. Log data may be overwritten.
C. Log data may not include needed information.
D. Log data may fill the system disk.

53. Which of the following is not a hazard associated with penetration testing?
A. Application crashes
B. Denial of service
C. Exploitation of vulnerabilities
D. Data corruption

54. Which NIST special publication covers the assessment of security and privacy controls?
A. 800-12
B. 800-53A
C. 800-34
D. 800-86

55. What type of port scanning is known as half-open scanning?
A. TCP Connect
B. TCP ACK
C. TCP SYN
D. Xmas

56. Lauren is performing a review of a third-party service organization and wants to determine if the organization's policies and procedures are effectively enforced over a period of time. What type of industry standard assessment report should she request?
A. SSAE 16 SOC 1 Type I
B. SAS 70 Type I
C. SSAE 16 SOC 1 Type II
D. SAS 70 Type II

57. Jim is working with a penetration testing contractor who proposes using Metasploit as part of her penetration testing effort. What should Jim expect to occur when Metasploit is used?
A. Systems will be scanned for vulnerabilities.
B. Systems will have known vulnerabilities exploited.
C. Services will be probed for buffer overflow and other unknown flaws.
D. Systems will be tested for zero-day exploits.

58. During a third-party audit, Jim's company receives a finding that states, "The administrator should review backup success and failure logs on a daily basis, and take action in a timely manner to resolve reported exceptions." What is the biggest issue that is likely to result if Jim's IT staff need to restore from a backup?
A. They will not know if the backups succeeded or failed.
B. The backups may not be properly logged.
C. The backups may not be usable.
D. The backup logs may not be properly reviewed.

59. Jim is helping his organization decide on audit standards for use throughout their international organization. Which of the following is not an IT standard that Jim's organization is likely to use as part of its audits?
A. COBIT
B. SSAE 16
C. ITIL
D. ISO 27002

60. Which of the following best describes a typical process for building and implementing an Information Security Continuous Monitoring program as described by NIST Special Publication 800-137?
A. Define, establish, implement, analyze and report, respond, review, and update
B. Design, build, operate, analyze, respond, review, revise
C. Prepare, detect and analyze, contain, respond, recover, report
D. Define, design, build, monitor, analyze, react, revise

61. Lauren's team conducts regression testing on each patch that they release. What key performance measure should they maintain to measure the effectiveness of their testing?
A. Time to remediate vulnerabilities
B. A measure of the rate of defect recurrence
C. A weighted risk trend
D. A measure of the specific coverage of their testing

62. Which of the following types of code review is not typically performed by a human?
A. Software inspections
B. Code review
C. Static program analysis
D. Software walkthroughs

Susan is the lead of a Quality Assurance team at her company. They have been tasked with the testing for a major release of their company's core software product. Use your knowledge of code review and testing to answer the following three questions.

63. Susan's team of software testers are required to test every code path, including those that will only be used when an error condition occurs. What type of testing environment does her team need to ensure complete code coverage?
A. White box
B. Gray box
C. Black box
D. Dynamic

64. As part of the continued testing of their new application, Susan's quality assurance team has designed a set of test cases for a series of black box tests. These functional tests are then run, and a report is prepared explaining what has occurred. What type of report is typically generated during this testing to indicate test metrics?
A. A test coverage report
B. A penetration test report
C. A code coverage report
D. A line coverage report

65. As part of their code coverage testing, Susan's team runs the analysis in a nonproduction environment using logging and tracing tools. Which of the following types of code issues is most likely to be missed during testing due to this change in the operating environment?
A. Improper bounds checking
B. Input validation
C. A race condition
D. Pointer manipulation

66. What step should occur after a vulnerability scan finds a critical vulnerability on a system?
A. Patching
B. Reporting
C. Remediation
D. Validation

67. Kathleen is reviewing the code for an application. She first plans the review, conducts an overview session with the reviewers and assigns roles, and then works with the reviewers to review materials and prepare for their roles. Next, she intends to review the code, rework it, and ensure that all defects found have been corrected. What type of review is Kathleen conducting?
A. A dynamic test
B. Fagan inspection
C. Fuzzing
D. A Roth-Parker review

68. Danielle wants to compare vulnerabilities she has discovered in her data center based on how exploitable they are, if exploit code exists, as well as how hard they are to remediate. What scoring system should she use to compare vulnerability metrics like these?
A. CSV
B. NVD
C. VSS
D. CVSS
69. During a port scan of his network, Alex finds that a number of hosts respond on TCP ports 80, 443, 515, and 9100 in offices throughout his organization. What type of devices is Alex likely discovering?
A. Web servers
B. File servers
C. Wire access points
D. Printers

70. Nikto, Burp Suite, and Wapiti are all examples of what type of tool?
A. Web application vulnerability scanners
B. Code review tools
C. Vulnerability scanners
D. Port scanners

71. During an nmap scan, what three potential statuses are provided for a port?
A. Open, unknown, closed
B. Open, closed, and filtered
C. Available, denied, unknown
D. Available, unavailable, filtered
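Questions 1, 23, 69 and 71 all ask the reader to interpret port-scan output: a host's probable role from its set of open ports, which open services deserve immediate attention, and the states nmap reports. The Python below is an added example, not code from the book: it parses nmap's grepable output (-oG), whose Ports: field lists port/state/protocol/owner/service/rpcinfo/version entries, and applies simple signatures to the result. The sample output, the role signatures and the cleartext-login list are assumptions constructed for the illustration; real identification needs version detection and OS fingerprinting rather than port numbers alone.

```python
import re
from collections import Counter
from typing import Dict, List, Tuple

# Constructed sample of nmap grepable output (-oG); not a real scan.
SAMPLE_OG = """\
# Nmap 7.94 scan initiated as: nmap -sS -sU -oG - 10.10.10.0/24
Host: 10.10.10.5 ()\tStatus: Up
Host: 10.10.10.5 ()\tPorts: 137/open/udp//netbios-ns///, 139/open/tcp//netbios-ssn///, 445/open/tcp//microsoft-ds///, 1433/open/tcp//ms-sql-s///\tIgnored State: closed (996)
Host: 10.10.10.7 ()\tPorts: 21/open/tcp//ftp///, 23/open/tcp//telnet///, 80/open/tcp//http///\tIgnored State: filtered (997)
Host: 10.10.10.40 ()\tPorts: 80/open/tcp//http///, 443/open/tcp//https///, 515/open/tcp//printer///, 9100/open/tcp//jetdirect///\tIgnored State: closed (996)
Host: 10.10.10.9 ()\tPorts: 22/open/tcp//ssh///, 25/filtered/tcp//smtp///, 161/open|filtered/udp//snmp///\tIgnored State: closed (997)
# Nmap done -- 256 IP addresses (4 hosts up) scanned
"""

# One -oG port entry: port/state/protocol/owner/service/rpcinfo/version/
PORT_RE = re.compile(r"(\d+)/([a-z|]+)/(tcp|udp)/([^/,]*)/([^/,]*)/")

Port = Tuple[int, str, str, str]  # (port, protocol, state, service)


def parse_grepable(text: str) -> Dict[str, List[Port]]:
    """Map each host address to the port entries nmap reported for it."""
    hosts: Dict[str, List[Port]] = {}
    for line in text.splitlines():
        if not line.startswith("Host:"):
            continue  # banner and summary lines
        fields = dict(f.split(": ", 1) for f in line.split("\t"))
        ip = fields["Host"].split()[0]
        ports = hosts.setdefault(ip, [])
        for m in PORT_RE.finditer(fields.get("Ports", "")):
            port, state, proto, _owner, service = m.groups()
            ports.append((int(port), proto, state, service))
    return hosts


# Role signatures, most specific first: every listed TCP port must be open.
ROLE_SIGNATURES = [
    ("Windows SQL Server", {445, 1433}),
    ("Windows SMB host", {445}),
    ("Network printer", {515, 9100}),
    ("Web server", {80, 443}),
]
# Login services that carry credentials in cleartext (assumed list).
CLEARTEXT_LOGIN = {21: "FTP", 23: "Telnet", 110: "POP3", 143: "IMAP"}


def open_tcp_ports(ports: List[Port]) -> set:
    return {p for p, proto, state, _ in ports if proto == "tcp" and state == "open"}


def classify(ports: List[Port]) -> str:
    opened = open_tcp_ports(ports)
    for label, required in ROLE_SIGNATURES:
        if required <= opened:
            return label
    return "unclassified"


def cleartext_services(ports: List[Port]) -> List[str]:
    return sorted(CLEARTEXT_LOGIN[p] for p in open_tcp_ports(ports) if p in CLEARTEXT_LOGIN)


def state_counts(ports: List[Port]) -> Dict[str, int]:
    """nmap's basic states (open, closed, filtered) plus the combined ones it
    reports when it cannot tell them apart, e.g. open|filtered for UDP."""
    return dict(Counter(state for _, _, state, _ in ports))


def report(text: str) -> List[str]:
    lines = []
    for ip, ports in parse_grepable(text).items():
        line = f"{ip}: {classify(ports)}; states={state_counts(ports)}"
        clear = cleartext_services(ports)
        if clear:
            line += f"; cleartext logins: {', '.join(clear)}"
        lines.append(line)
    return lines


if __name__ == "__main__":
    print("\n".join(report(SAMPLE_OG)))
```

Note that nmap only reports "closed" and "filtered" individually when it can distinguish them; the Ignored State: field summarises whichever state it suppressed for the bulk of the probed ports, so a scan with 997 filtered ports looks very different from one with 997 closed ports even though both list the same open services.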
72. Which of the following is not a method of synthetic transaction monitoring?
A. Database monitoring
B. Traffic capture and analysis
C. User session monitoring
D. Website performance monitoring

73. Susan needs to ensure that the interactions between the components of her e-commerce application are all handled properly. She intends to verify communications, error handling, and session management capabilities throughout her infrastructure. What type of testing is she planning to conduct?
A. Misuse case testing
B. Fuzzing
C. Regression testing
D. Interface testing

74. Jim is designing his organization's log management systems and knows that he needs to carefully plan to handle the organization's log data. Which of the following is not a factor that Jim should be concerned with?
A. The volume of log data
B. A lack of sufficient log sources
C. Data storage security requirements
D. Network bandwidth

75. Jim has contracted with a software testing organization that uses automated testing tools to validate software. He is concerned that they may not completely test all statements in his software. What measurement should he ask for in their report to provide information about this?
A. A use case count
B. A test coverage report
C. A code coverage report
D. A code review report
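Questions 44, 63 and 75 concern code coverage: which statements a test suite actually executed, and why error-handling paths are the ones that go untested without white-box knowledge of the code. The Python below is an added example, not code from the book: it measures statement coverage of one function through the interpreter's trace hook, the mechanism coverage tools build on, and shows the uncovered lines shrinking as error inputs are added. The function under test and its inputs are constructed for the example; branch and condition coverage would need the same trace plus a record of which way each jump went.

```python
import dis
import sys
from typing import Callable, Iterable, Set, Tuple


def parse_port(text: str) -> int:
    """Constructed function under test (not from the book). Its error-handling
    statements execute only on bad input, which happy-path tests never supply."""
    text = text.strip()
    if not text.isdigit():
        raise ValueError("port must be numeric")
    port = int(text)
    if port < 1 or port > 65535:
        raise ValueError("port out of range")
    return port


def statement_coverage(func: Callable, inputs: Iterable[Tuple]) -> Tuple[Set[int], Set[int]]:
    """Call `func` on every argument tuple while tracing which of its source
    lines execute. Returns (executed_lines, missed_lines). Exceptions from
    `func` are swallowed: reaching a `raise` is itself a covered statement."""
    code = func.__code__
    statements = {ln for _, ln in dis.findlinestarts(code) if ln is not None}
    statements.discard(code.co_firstlineno)  # the def line is not a statement
    executed: Set[int] = set()

    def tracer(frame, event, arg):
        if frame.f_code is not code:
            return None  # do not trace callees or the harness itself
        if event == "line":
            executed.add(frame.f_lineno)
        return tracer

    previous = sys.gettrace()
    sys.settrace(tracer)
    try:
        for args in inputs:
            try:
                func(*args)
            except Exception:
                pass
    finally:
        sys.settrace(previous)
    return executed & statements, statements - executed


def coverage_ratio(func: Callable, inputs: Iterable[Tuple]) -> float:
    """Fraction of the function's statements executed by the given inputs."""
    hit, missed = statement_coverage(func, inputs)
    return len(hit) / (len(hit) + len(missed))


if __name__ == "__main__":
    happy = [("443",), (" 8080 ",)]           # black-box, valid-input cases only
    hit, missed = statement_coverage(parse_port, happy)
    print(f"happy-path inputs: {coverage_ratio(parse_port, happy):.0%} of statements,"
          f" missed source lines {sorted(missed)}")
    full = happy + [("abc",), ("70000",)]     # white-box cases aimed at each raise
    print(f"with error inputs: {coverage_ratio(parse_port, full):.0%} of statements")
```

The two lines left uncovered by the happy-path run are exactly the two `raise` statements; a tester who cannot see the source has no way to know those paths exist, which is the point question 63 makes about needing white-box access for complete coverage.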
76. When a Windows system is rebooted, what type of log is generated?
A. Error
B. Warning
C. Information
D. Failure audit

77. During a review of access logs, Alex notices that Danielle logged into her workstation in New York at 8 a.m. daily, but that she was recorded as logging into her department's main web application shortly after 3 a.m. daily. What common logging issue has Alex likely encountered?
A. Inconsistent log formatting
B. Modified logs
C. Inconsistent timestamps
D. Multiple log sources
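Question 77 describes a five-hour disagreement between two logs of the same user's activity, the signature of sources that stamp events in different time zones or formats (and, per question 21, of clocks that are not synchronised). The Python below is an added example, not code from the book: it parses three constructed log formats, normalises each to UTC using the offset its source is known to log in, and only then sequences them. The per-source offsets are an assumption standing in for a collector's per-source configuration, and the log lines are invented.

```python
import re
from datetime import datetime, timedelta, timezone
from typing import Dict, List, Tuple

# Per-source time handling. These offsets are an assumption of this example
# (a real collector takes them from its per-source configuration): the Windows
# workstation stamps local US Eastern winter time with no zone marker, the web
# application writes ISO 8601 in UTC, and the Linux host's syslog omits both
# the year and the zone but its clock is set to UTC.
SOURCE_TZ = {
    "workstation": timezone(timedelta(hours=-5)),
    "webapp": timezone.utc,
    "syslog": timezone.utc,
}

# (line pattern, strptime format) per source; group 1 is the timestamp,
# group 2 the host, group 3 the message.
_FORMATS = {
    "workstation": (re.compile(r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) (\S+) (.*)$"),
                    "%Y-%m-%d %H:%M:%S"),
    "webapp": (re.compile(r"^(\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2})Z (\S+) (.*)$"),
               "%Y-%m-%dT%H:%M:%S"),
    "syslog": (re.compile(r"^([A-Z][a-z]{2} +\d{1,2} \d{2}:\d{2}:\d{2}) (\S+) (.*)$"),
               "%Y %b %d %H:%M:%S"),
}


def parse_event(source: str, line: str, default_year: int = 2016) -> Dict:
    """Parse one log line from a known source into a record whose `utc` field
    is an aware datetime in UTC, so events from different sources compare."""
    pattern, fmt = _FORMATS[source]
    m = pattern.match(line)
    if not m:
        raise ValueError(f"unrecognised {source} line: {line!r}")
    stamp = m.group(1)
    if source == "syslog":
        stamp = f"{default_year} {stamp}"  # classic syslog carries no year
    naive = datetime.strptime(stamp, fmt)
    local = naive.replace(tzinfo=SOURCE_TZ[source])
    return {
        "source": source,
        "host": m.group(2),
        "msg": m.group(3),
        "wall": m.group(1),                      # what the log file shows
        "utc": local.astimezone(timezone.utc),   # what the analyst should compare
    }


def build_timeline(records: List[Tuple[str, str]]) -> List[Dict]:
    """Sequence (source, line) pairs by their normalised UTC time."""
    return sorted((parse_event(src, line) for src, line in records), key=lambda e: e["utc"])


def gap_seconds(a: Dict, b: Dict) -> float:
    return (b["utc"] - a["utc"]).total_seconds()


# Constructed lines, not from a real system. Read naively, the workstation
# logon and the web login look five hours apart; normalised, they are 12 s apart.
SAMPLE = [
    ("workstation", "2016-01-12 08:00:14 WKS-NY-117 Logon user=danielle type=Interactive"),
    ("webapp", "2016-01-12T13:00:02Z app01 login user=danielle result=success"),
    ("syslog", "Jan 12 13:00:09 web01 sshd[1122]: Accepted publickey for danielle from 10.10.11.23"),
]

if __name__ == "__main__":
    for e in build_timeline(SAMPLE):
        print(f"{e['utc'].isoformat()}  (logged as {e['wall']:>19})  {e['host']}: {e['msg']}")
```

Normalisation only fixes the zone and format problem; if the hosts' clocks themselves disagree, the timeline is still wrong, which is why question 21 pairs this with NTP on every device.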
78. What type of vulnerability scan accesses configuration information from the systems it is run against as well as information that can be accessed via services available via the network?
A. Authenticated scans
B. Web application scans
C. Unauthenticated scans
D. Port scans

Ben's organization has begun to use STRIDE to assess their software, and has identified threat agents and the business impacts that these threats could have. Now they are working to identify appropriate controls for the issues they have identified. Use the STRIDE model to answer the following three questions.

79. Ben's development team needs to address an authorization issue, resulting in an elevation of privilege threat. Which of the following controls is most appropriate to this type of issue?
A. Auditing and logging is enabled.
B. RBAC is used for specific operations.
C. Data type and format checks are enabled.
D. User input is tested against a whitelist.

80. Ben's team is attempting to categorize a transaction identification issue that is caused by use of a symmetric key shared by multiple servers. What STRIDE category should this fall into?
A. Information disclosure
B. Denial of service
C. Tampering
D. Repudiation

81. Ben wants to prevent or detect tampering with data. Which of the following is not an appropriate solution?
A. Hashes
B. Digital signatures
C. Filtering
D. Authorization controls
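Questions 77 (modified logs) and 81 (hashes and digital signatures against tampering) both come down to detecting that stored records were altered after the fact. The Python below is an added example, not code from the book: it seals a log with an HMAC chain in which each tag commits to the record, its position and the previous tag, so edits, deletions, insertions and truncation are all caught at the point they occur. The key, held by the collector rather than the logging host, is what keeps an attacker with write access to the file from simply recomputing a plain hash chain; signing the final tag with a private key would turn the chain into the digital-signature control the question lists. The records and the key are constructed for the illustration.

```python
import hashlib
import hmac
import json
from typing import Dict, List


def _canonical(record: Dict) -> bytes:
    # Deterministic encoding: key order and whitespace must not change the tag.
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode("utf-8")


def seal(records: List[Dict], key: bytes) -> List[str]:
    """Return one hex tag per record. Each tag is an HMAC over the record, its
    index and the previous tag, so any change to a record propagates to every
    later tag and the log cannot be silently reordered, shortened or extended."""
    prev = b"\x00" * 32
    tags = []
    for index, record in enumerate(records):
        msg = prev + index.to_bytes(8, "big") + _canonical(record)
        tag = hmac.new(key, msg, hashlib.sha256).digest()
        tags.append(tag.hex())
        prev = tag
    return tags


def verify(records: List[Dict], tags: List[str], key: bytes) -> int:
    """Return -1 if the log matches its tags, otherwise the index of the first
    record that is inconsistent with them. A truncated or extended log reports
    the index at which the two sequences stop agreeing."""
    expected = seal(records, key)
    for index, (want, have) in enumerate(zip(expected, tags)):
        if not hmac.compare_digest(want, have):
            return index
    if len(records) != len(tags):
        return min(len(records), len(tags))
    return -1


# Constructed records, not from a real system.
SAMPLE_LOG = [
    {"ts": "2016-01-12T13:00:02Z", "user": "danielle", "event": "login", "result": "success"},
    {"ts": "2016-01-12T13:04:41Z", "user": "danielle", "event": "export", "rows": 12},
    {"ts": "2016-01-12T13:05:10Z", "user": "jim", "event": "login", "result": "failure"},
    {"ts": "2016-01-12T13:05:30Z", "user": "jim", "event": "login", "result": "success"},
]


def demo() -> Dict[str, int]:
    """Seal the sample log, then report the index at which each tampering is caught."""
    key = b"constructed-demo-key-kept-on-the-collector-not-the-log-host"
    tags = seal(SAMPLE_LOG, key)
    edited = [dict(r) for r in SAMPLE_LOG]
    edited[2]["result"] = "success"            # rewrite a failed login as a success
    deleted = SAMPLE_LOG[:1] + SAMPLE_LOG[2:]  # drop the data export
    truncated = SAMPLE_LOG[:2]                 # chop the tail off the file
    appended = SAMPLE_LOG + [{"ts": "2016-01-12T13:09:00Z", "user": "jim", "event": "logout"}]
    return {
        "intact": verify(SAMPLE_LOG, tags, key),
        "edited": verify(edited, tags, key),
        "deleted": verify(deleted, tags, key),
        "truncated": verify(truncated, tags, key),
        "appended": verify(appended, tags, key),
    }


if __name__ == "__main__":
    for case, index in demo().items():
        print(f"{case:10} -> {'intact' if index < 0 else f'first bad record at index {index}'}")
```

This is a detective control, in STRIDE terms: it does not stop the edit, it makes the edit visible on the next verification, which is why it is paired with authorization controls that limit who can write to the log in the first place.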
82. Which NIST document covers the creation of an Information Security Continuous Monitoring (ISCM) program?
A. NIST SP 800-137
B. NIST SP 800-53A
C. NIST SP 800-145
D. NIST SP 800-50

83. Which of the following is not an issue when using fuzzing to find program faults?
A. They often find only simple faults.
B. Fuzz testing bugs are often severe.
C. Fuzzers may not fully cover the code.
D. Fuzzers can't reproduce errors.

84. What term describes an evaluation of the effectiveness of security controls performed by a third party?
A. A security assessment
B. A penetration test
C. A security audit
D. A security test

During a port scan, Ben uses nmap's default settings and sees the following results. Use this information to answer the following three questions.

85. If Ben is conducting a penetration test, what should his next step be after receiving these results?
A. Connect to the web server using a web browser.
B. Connect via Telnet to test for vulnerable accounts.
C. Identify interesting ports for further scanning.
D. Use sqlmap against the open databases.

86. Based on the scan results, what OS was the system that was scanned most likely running?
A. Windows Desktop
B. Linux
C. Network device
D. Windows Server

87. Ben's manager expresses concern about the coverage of his scan. Why might his manager have this concern?
A. Ben did not test UDP services.
B. Ben did not discover ports outside the well-known ports.
C. Ben did not perform OS fingerprinting.
D. Ben tested only a limited number of ports.

88. What technique relies on reviewing code without running it?
A. Fuzzing
B. Black box analysis
C. Static analysis
D. Gray box analysis

89. Saria needs to write a request for proposal for code review and wants to ensure that the reviewers take the business logic behind her organization's applications into account. What type of code review should she specify in the RFP?
A. Static
B. Fuzzing
C. Manual
D. Dynamic

90. What type of diagram used in application threat modeling includes malicious users as well as descriptions like mitigates and threatens?
A. Threat trees
B. STRIDE charts
C. Misuse case diagrams
D. DREAD diagrams

91. What is the first step that should occur before a penetration test is performed?
A. Data gathering
B. Port scanning
C. Getting permission
D. Planning

92. What international framework was SSAE 16 based on?
A. ISO 27001
B. SAS 70
C. SOX
D. ISAE 3402

93. During a penetration test of her organization, Kathleen's IPS detects a port scan that has the URG, FIN, and PSH flags set and produces an alarm. What type of scan is the penetration tester attempting?
A. A SYN scan
B. A TCP flag scan
C. An Xmas scan
D. An ACK scan
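Questions 55 and 93 identify scans by the TCP flags their probes carry: SYN alone for half-open scanning, and FIN, PSH and URG together for an Xmas scan. The Python below is an added example, not code from the book: it reads the flag byte out of constructed TCP headers, names the probe type, and raises an alert only when one source probes many ports on a host, because a lone SYN is indistinguishable from a legitimate connection attempt. Addresses, ports and the alert threshold are assumptions made for the illustration.

```python
import struct
from collections import defaultdict
from typing import Dict, List, Tuple

# TCP flag bits as they appear in byte 13 of the TCP header.
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20
_NAMES = ((URG, "URG"), (ACK, "ACK"), (PSH, "PSH"), (RST, "RST"), (SYN, "SYN"), (FIN, "FIN"))


def build_segment(sport: int, dport: int, flags: int, seq: int = 0) -> bytes:
    """Constructed 20-byte TCP header with no options and a zero checksum."""
    data_offset = 5 << 4  # header length 5 x 32-bit words, reserved bits zero
    return struct.pack("!HHIIBBHHH", sport, dport, seq, 0, data_offset, flags, 1024, 0, 0)


def parse_header(segment: bytes) -> Tuple[int, int, int]:
    """Return (source port, destination port, flags) from a raw TCP header."""
    if len(segment) < 20:
        raise ValueError("truncated TCP header")
    sport, dport = struct.unpack("!HH", segment[:4])
    return sport, dport, segment[13] & 0x3F  # drop CWR/ECE, keep the six classic flags


def flag_names(flags: int) -> str:
    return "|".join(name for bit, name in _NAMES if flags & bit) or "NONE"


def classify_probe(flags: int) -> str:
    """Name the scan type whose probe carries exactly these flags. A SYN-only
    segment is also how every legitimate connection starts, so half-open (SYN)
    scanning is only recognisable from the fan-out, not from one packet."""
    if flags == SYN:
        return "SYN"
    if flags == FIN | PSH | URG:
        return "Xmas"
    if flags == 0:
        return "NULL"
    if flags == FIN:
        return "FIN"
    if flags == ACK:
        return "ACK"
    return "normal"  # SYN|ACK, ACK|PSH, ACK|FIN and so on: ordinary traffic


def detect_scans(traffic: List[Tuple[str, str, bytes]], min_ports: int = 5) -> List[Dict]:
    """traffic: (src_ip, dst_ip, tcp_header) tuples. Group probes by source and
    scan type and alert when one source touches at least `min_ports` distinct
    ports on one destination with scan-style flags."""
    seen: Dict[Tuple[str, str, str], set] = defaultdict(set)
    for src, dst, segment in traffic:
        _, dport, flags = parse_header(segment)
        kind = classify_probe(flags)
        if kind != "normal":
            seen[(src, dst, kind)].add(dport)
    alerts = []
    for (src, dst, kind), ports in sorted(seen.items()):
        if len(ports) >= min_ports:
            alerts.append({"src": src, "dst": dst, "type": kind, "ports": sorted(ports)})
    return alerts


# Constructed traffic: an Xmas sweep, a half-open (SYN) sweep, and one normal client.
SAMPLE_TRAFFIC = (
    [("10.10.11.50", "10.10.10.5", build_segment(40000 + i, p, FIN | PSH | URG))
     for i, p in enumerate((21, 22, 23, 25, 80, 443))]
    + [("10.10.11.51", "10.10.10.5", build_segment(50000 + i, p, SYN))
       for i, p in enumerate((22, 80, 135, 139, 445, 1433))]
    + [("10.10.11.23", "10.10.10.5", build_segment(51234, 443, SYN)),
       ("10.10.11.23", "10.10.10.5", build_segment(51234, 443, ACK)),
       ("10.10.11.23", "10.10.10.5", build_segment(51234, 443, ACK | PSH))]
)

if __name__ == "__main__":
    for alert in detect_scans(SAMPLE_TRAFFIC):
        print(f"{alert['type']} scan from {alert['src']} against {alert['dst']}: ports {alert['ports']}")
```

The ordinary client also sends a SYN-only and an ACK-only segment, and neither produces an alert because it touches a single port; an IPS that alarmed on the flags alone would fire on every connection. The Xmas combination, by contrast, never occurs in a normal handshake, which is why it stands out even at low volume.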
94. Nmap is an example of what type of tool?
A. Vulnerability scanner
B. Web application fuzzer
C. Network design and layout
D. Port scanner

95. What type of vulnerabilities will not be found by a vulnerability scanner?
A. Local vulnerabilities
B. Service vulnerabilities
C. Zero-day vulnerabilities
D. Vulnerabilities that require authentication

96. MITRE's CVE database provides what type of information?
A. Current versions of software
B. Patching information for applications
C. Vulnerability information
D. A list of costs versus effort required for common processes

97. A zero-day vulnerability is announced for the popular Apache web server in the middle of a workday. In Jacob's role as an information security analyst, he needs to quickly scan his network to determine what servers are vulnerable to the issue. What is Jacob's best route to quickly identify vulnerable systems?
A. Immediately run Nessus against all of the servers to identify which systems are vulnerable.
B. Review the CVE database to find the vulnerability information and patch information.
C. Create a custom IDS or IPS signature.
D. Identify affected versions and check systems for that version number using an automated scanner.

NIST Special Publication 800-115, the Technical Guide to Information Security Testing and Assessment, provides NIST's process for penetration testing. Using this image as well as your knowledge of penetration testing, answer the following questions.

98. Which of the following is not a part of the discovery phase?
A. Hostname and IP address information gathering
B. Service information capture
C. Dumpster diving
D. Privilege escalation

99. NIST specifies four attack phase steps: gaining access, escalating privileges, system browsing, and installing additional tools. Once attackers install additional tools, what phase will a penetration tester typically return to?
A. Discovery
B. Gaining access
C. Escalating privileges
D. System browsing

100. Which of the following is not a typical part of a penetration test report?
A. A list of identified vulnerabilities
B. All sensitive data that was gathered during the test
C. Risk ratings for each issue discovered
D. Mitigation guidance for issues identified