1. Select the detailed process that identifies security flaws and their locations.
A) Cross-compiling B) Vulnerability Mapping C) Exploit Modification D) Cross-building
2. Which of the following is a process of finding all available information on a target system or service in support of developing a plan of attack?
A) Enumeration B) Fingerprinting C) Vulnerability Mapping D) Vulnerability Scanning
3. The following are vulnerability scanners commonly used in penetration testing, except __________________.
A) OpenVAS B) Nessus C) IDA D) SQLmap
4. Which of the following maintains a list of known vulnerabilities including an identification number and description of those cybersecurity vulnerabilities?
A) CERT B) CVE C) CWE D) CAPEC
5. Ricky is conducting a penetration test on a web application and is looking for potential vulnerabilities to exploit. Which of the following vulnerabilities does not commonly exist in web applications?
A) Cross-site Scripting B) Buffer Overflow C) VM Escape D) SQL Injection
1. Right Answer: B Explanation: A dictionary attack uses existing wordlists that get expanded whenever real-world passwords are discovered.
2. Right Answer: A Explanation: Vulnerability mapping is the process of detailing identified vulnerabilities and their locations, whether they are physical (no cameras or guards at a back entrance, for instance) or logical (such as SMBv1 being enabled on a Windows 2008 server).
3. Right Answer: C Explanation: Enumeration is the process of finding all available information on a target system or service in support of developing a plan of attack.
4. Right Answer: B Explanation: IDA, or the Interactive Disassembler, is a disassembly tool that can generate assembly language source code for an application directly from the executable, and is not a vulnerability scanning tool.
5. Right Answer: C Explanation: Common Vulnerabilities and Exposures (CVE) maintains the list of known vulnerabilities including an identification number and description of those cybersecurity vulnerabilities.