Which of the following types of testing does the compan…
A company hires outside security experts to evaluate the security status of the corporate network. All of the
company’s IT resources are outdated and prone to crashing. The company requests that all testing be
performed in a way which minimizes the risk of system failures. Which of the following types of testing does the
company want performed?
Which of the following should Jane perform?
Jane has recently implemented a new network design at her organization and wishes to passively identify
security issues with the new network. Which of the following should Jane perform?
Which of the following would allow the security adminis…
A security administrator wants to perform routine tests on the network during working hours when certain
applications are being accessed by the most people. Which of the following would allow the security
administrator to test the lack of security controls for those applications with the least impact to the system?
Which of the following BEST represents the goal of a vu…
Which of the following BEST represents the goal of a vulnerability assessment?
Which of the following would Ann use to ensure that she…
Ann, a security analyst, is preparing for an upcoming security audit.
Which of the following would Ann use to ensure that she identifies unapplied security controls and patches
without attacking or compromising the system?
Which of the following should the administrator perform?
A security administrator is aware that a portion of the company’s Internet-facing network tends to be non-secure
due to poorly configured and patched systems. The business owner has accepted the risk of those systems
being compromised, but the administrator wants to determine the degree to which those systems can be used
to gain access to the company intranet. Which of the following should the administrator perform?
Which of the following is BEST utilized to actively tes…
Which of the following is BEST utilized to actively test security controls on a particular system?
Which of the following activities is MOST appropriate?
Mike, a security professional, is tasked with actively verifying the strength of the security controls on a
company’s live modem pool. Which of the following activities is MOST appropriate?
Which ports and protocols are MOST likely to be open on…
During a penetration test from the Internet, Jane, the system administrator, was able to establish a connection
to an internal router, but not successfully log in to it. Which ports and protocols are MOST likely to be open on
the firewall? (Choose FOUR).
Which statement BEST describes her privileges?
During an anonymous penetration test, Jane, a system administrator, was able to identify a shared print spool
directory, and was able to download a document from the spool. Which statement BEST describes her
privileges?