1. Which of the following types of assessment acts like an attacker, targeting sensitive data or systems with the goal of acquiring data and access?
A) Compliance-based B) Red Team C) Goals-based D) Objective-based
2. What type of testing methodology is approached with complete prior knowledge?
A) Black Box B) White Box C) Red Team D) Gray Box
3. Which of the following is an individual or group with the capability and motivation necessary to manifest a threat to an organization and deploy exploits against its assets?
A) Script Kiddie B) Advanced Persistent Threat C) Hacktivist D) Threat Actor
4. Select any three kinds of threats which are identified during the threat modeling process.
A) Host Threats B) Network Threats C) Application Threats D) All of the above
5. You have been contracted to conduct a penetration test for an organization. The initial meetings went well, and you have well-defined Rules of Engagement (ROE) and target-scoping documents. Two weeks later, you are asked if you can "squeeze in" another /22 subnet for the given assessment time frame. This is a potential example of _________________.
A) Scope Creep B) Impact Analysis C) Black Box Assessment D) Objective-based Assessment
1. Right Answer: B Explanation: Penetration test findings of media organization or any third party would be guaranteed to be in violation of the NDA for the assessment. Another option is a rival corporation, because the results of a penetration test to an organization's rival would be damaging to that organization's good standing and possibly expose them to targeted corporate espionage efforts, in addition to being certain to breach the NDA for the assessment.
2. Right Answer: B Explanation: A red team attempts to act like an attacker, targeting sensitive data or systems with the goal of acquiring data and access.
3. Right Answer: D Explanation: A white box testing approach is most likely desired by the user due to the provision of authorized administrator credentials and source code for the proprietary web application in use.
4. Right Answer: D Explanation: A threat actor is an individual or group with the capability and motivation necessary to manifest a threat to an organization and deploy exploits against its assets.
5. Right Answer: A Explanation: During the threat modeling process, there are some types of threats such as network threats, host threats, and application threats that may be identified.