PrepAway - Latest Free Exam Questions & Answers

Which of the following areas can be exploited in a penetration test?

Penetration testing (also called pen testing) is the practice of testing a computer system, network, or Web application to find vulnerabilities that an attacker could exploit. Which of the following areas can be exploited in a penetration test? Each correct answer represents a complete solution. Choose all that apply.

PrepAway - Latest Free Exam Questions & Answers

A.
Information system architectures

B.
Buffer overflows

C.
Social engineering

D.
File and directory permissions

E.
Trojan horses

F.
Kernel flaws

G.
Race conditions

Explanation:

Penetration testing (also called pen testing) is the practice of testing a computer system, network, or Web application to find vulnerabilities that an attacker could exploit.

Following are the areas that can be exploited in a penetration test.
* Kernel flaws: Kernel flaws refer to the exploitation of kernel code flaws in the operating system.
* Buffer overflows: Buffer overflows refer to the exploitation of a software failure to properly check for the length of input data. This overflow can cause malicious behavior on the system.
* Race conditions: A race condition is a situation in which an attacker can gain access to a system as a privileged user.
* File and directory permissions: In this area, an attacker exploits weak permissions restrictions to gain unauthorized access of documents.
* Trojan horses: These are malicious programs that can exploit an information system by attaching themselves in valid programs and files.
* Social engineering: In this technique, an attacker uses his social skills and persuasion to acquire valuable information that can be used to conduct an attack against a system.

One Comment on “Which of the following areas can be exploited in a penetration test?


Leave a Reply