Flashcards

Penetration Testing

Evaluating networks and systems security

5 minutes 5 Questions

Penetration Testing, often called "pen testing" or "ethical hacking," is a systematic process of evaluating an organization's security posture by simulating attacks against its systems, networks, applications, and physical security controls. This proactive security assessment methodology helps iden…

Concepts covered

Scanning and Enumeration Incident Response and Forensics Vulnerability Assessment Exploit Development Social Engineering Analysis and Reporting Red Teaming Security Controls Assessment Gaining Access Covering Tracks Reconnaissance Footprinting and Reconnaissance Ethical Hacking Blue Teaming Maintaining Access

Test mode:

Exam (Timed)

Practice (With explanations)

Start practice test

CompTIA Security+ - Penetration Testing Example Questions

Test your knowledge of Penetration Testing

Question 1

A blue team collects logs from various servers, but they are not in a standardized format. What should they implement to normalize and centrally manage logs?

Security information and event management (SIEM) A standalone intrusion detection system (IDS) Endpoint protection platform (EPP) Manual log standardization

Correct Answer: Security information and event management (SIEM)

A SIEM system collects, stores, normalizes, and analyzes logs from various sources, making it the perfect solution for centrally managing diverse logs. Standalone IDS, manual standardization, EPP, firewall and IPS management software, and RDP do not provide the necessary functionality to address the specific problem.

Question 2

The blue team discovered a vulnerability in third-party software used by the company. What action should they take to mitigate this risk?

Immediately uninstall the software Ignore the problem and hope it doesn't lead to an incident Contact the vendor to report the issue and determine if a patch is available Develop a custom patch in-house

Correct Answer: Contact the vendor to report the issue and determine if a patch is available

When dealing with vulnerabilities in third-party software, the appropriate action is to contact the vendor to report the issue and determine if a patch is available. The vendor can address the vulnerability and provide guidance on mitigation. Other responses may disrupt business operations or fail to properly resolve the issue.

Question 3

A hacker gained access to a database and stole sensitive information. They plan to use encryption to erase their presence. Which method should they use?

Performing multiple encryption passes on their computer Wiping the stolen data with encryption Storing the data in an unsecured location Sending the data via an unencrypted email

Correct Answer: Wiping the stolen data with encryption

Encrypting the stolen data with a secure algorithm makes it more difficult for investigators to uncover the hacker's activities. The other options fail to provide adequate levels of security.

Secure Your Security+ SY0-701

1,200+ questions across all 5 SY0-701 domains

All 5 SY0-701 Domains: Security concepts, threats & mitigations, architecture, operations (28%), and governance
DoD 8570/8140 Approved: Required for many government and military cybersecurity roles
90-Question Mock Exams: Timed practice matching the real exam: 90 questions in 90 minutes, 750 to pass
100% Satisfaction Guaranteed: Full refund if unsatisfied
Risk-Free: 7-day free trial with all premium features!