OA Exams

December 5, 2024

Question 01

What is the definition of “Risk” in a security context?

a) Risk = Vulnerability x Control
b) Risk = Vulnerability / Threat
c) Risk = Threat x Vulnerability
d) Risk = Control / Exposure

Correct Answer: Risk = Threat x Vulnerability

Explanation: Risk is calculated by multiplying the potential threat by the existing vulnerability within a system.

Question 02

Describe unified threat management (UTM):

a) A strategy to prevent phishing attacks
b) A combination of all security functions like firewalls, malware scanning, and IDS/IPS
c) A firewall-only configuration
d) A method to manage social engineering risks

Correct Answer: A combination of all security functions like firewalls, malware scanning, and IDS/IPS

Explanation: UTM refers to all-in-one security appliances that combine multiple functions like firewall, malware scanning, IDS, and more.

Question 03

What is OWASP?

a) A vulnerability assessment tool
b) An international standards body for cybersecurity
c) A framework for web application security testing
d) A malware database

Correct Answer: A framework for web application security testing

Explanation: OWASP stands for Open Web Application Security Project and focuses on improving the security of software through frameworks and published vulnerabilities.

Question 04

What is NIST?

a) National Institute of Standards and Technology
b) National Institute of Software Testing
c) Network Intrusion Security Testing
d) New Information Security Tactics

Correct Answer: National Institute of Standards and Technology

Explanation: NIST is a US government agency that develops and promotes cybersecurity standards.

Question 05

What is NIST SP 800-115?

a) A framework for testing encryption algorithms
b) A standard for managing firewalls
c) A guide to information security testing and assessment
d) A vulnerability management tool

Correct Answer: A guide to information security testing and assessment

Explanation: NIST SP 800-115 provides guidelines for conducting technical information security testing and assessments.

Question 06

What is OSSTMM?

a) Open-source Security Testing Methodology Manual
b) Operational System Security Testing Method
c) Open-Source Systems Technology Manual
d) Official System Security Test Methodology

Correct Answer: Open-source Security Testing Methodology Manual

Explanation: OSSTMM is a comprehensive manual for security testing, outlining areas and methods to be tested.

Question 07

What is ISSAF?

a) Internet Security Standards and Framework
b) Information Systems Security Assessment Framework
c) Internal Security Software and Framework
d) Infrastructure Security Standards and Assessment

Correct Answer: Information Systems Security Assessment Framework

Explanation: ISSAF is an open-source framework consisting of documents to guide penetration testing and security assessments.

Question 08

What does PTES stand for?

a) Personal Threat and Exploit System
b) Penetration Testing Execution Standard
c) Physical Threat Evaluation Strategy
d) Personal Testing for Enterprise Security

Correct Answer: Penetration Testing Execution Standard

Explanation: PTES provides a standard methodology for conducting penetration tests effectively.

Question 09

Explain the role of MITRE ATT&CK:

a) A testing framework for antivirus systems
b) A comprehensive repository of adversary tactics, techniques, and procedures
c) A guide for cryptographic algorithms
d) A vulnerability scanner

Correct Answer: A comprehensive repository of adversary tactics, techniques, and procedures

Explanation: MITRE ATT&CK is a database sponsored by the US government that catalogs real-world adversary behaviors and tactics.

Question 10

What is CVSS?

a) Common Vulnerability Scoring System
b) Certified Vulnerability Scanning Software
c) Centralized Vulnerability System Scanning
d) Cloud Vulnerability and Security System

Correct Answer: Common Vulnerability Scoring System

Explanation: CVSS is a system for scoring the severity of vulnerabilities based on their impact on systems.

Question 11

What is CVE?

a) Common Vulnerabilities and Exploits
b) Common Vulnerabilities and Exposures
c) Certified Vulnerability Engine
d) Centralized Vulnerability Exchange

Correct Answer: Common Vulnerabilities and Exposures

Explanation: CVE is a system that catalogs publicly disclosed vulnerabilities and exposures.

Question 12

Explain CWE:

a) Common Web Exploits
b) Common Weakness Enumeration
c) Certified Web Enumeration
d) Cyber Weakness Engine

Correct Answer: Common Weakness Enumeration

Explanation: CWE is a list of software and hardware vulnerabilities and weaknesses maintained by MITRE.

Question 13

What is a critical consideration when PenTesting web applications?

a) The use of cloud services
b) Testing every form or page interaction
c) Focus only on external assets
d) Skipping any use of APIs

Correct Answer: Testing every form or page interaction

Explanation: When testing web applications, each form and page interaction must be tested across multiple user roles.

Question 14

What are examples of assets when determining the test scope?

a) APIs, IP addresses, and domains
b) Only firewalls and IDS/IPS systems
c) User manuals and internal policy documents
d) External data logs

Correct Answer: APIs, IP addresses, and domains

Explanation: Assets in a PenTest include APIs, IP addresses, domains, users, and physical locations.

Question 15

Explain the difference between internal and external assets:

a) Internal assets are accessible over the internet, while external assets are only internal
b) External assets are managed locally, and internal assets are hosted on third-party systems
c) Internal assets are accessed from within the organization, and external assets are accessible from outside
d) External assets cannot be tested during PenTests

Correct Answer: Internal assets are accessed from within the organization, and external assets are accessible from outside

Explanation: Internal assets are within the organization's network, while external assets are accessible from outside (e.g., websites, DNS servers).

Question 16

What is the difference between first-party and third-party hosted assets?

a) First-party assets are physical, while third-party assets are virtual
b) First-party assets are hosted by the client, and third-party assets are hosted by a vendor or partner
c) First-party assets are encrypted, while third-party assets are not
d) Third-party assets are only accessible via API

Correct Answer: First-party assets are hosted by the client, and third-party assets are hosted by a vendor or partner

Explanation: First-party assets are hosted and controlled by the client organization, whereas third-party assets are hosted externally by a vendor.

Question 17

What kind of questions should the PenTest team ask stakeholders?

a) Open-ended questions to clarify the methods used
b) Closed questions about previous tests
c) Only technical questions about server configuration
d) Questions about social media policies

Correct Answer: Open-ended questions to clarify the methods used

Explanation: Open-ended questions remove ambiguity and ensure all testing methods and processes are understood by stakeholders.

Question 18

What are compliance-based assessments?

a) Tests focused on meeting specific legal or regulatory requirements
b) PenTests that avoid physical security tests
c) Assessments done only for financial institutions
d) Testing completed without reporting

Correct Answer: Tests focused on meeting specific legal or regulatory requirements

Explanation: Compliance-based assessments focus on ensuring an organization meets the requirements of laws or standards such as GDPR or PCI DSS.

Question 19

Describe red team/blue team-based assessments:

a) A team of consultants conducting an assessment
b) An internal IT team performing the test
c) Red team simulates an attacker, while the blue team defends the organization
d) An assessment using only automated tools

Correct Answer: Red team simulates an attacker, while the blue team defends the organization

Explanation: In red team/blue team exercises, the red team tries to penetrate the organization, while the blue team focuses on defense and detection.

Question 20

What are goals-based assessments?

a) Tests with defined objectives like verifying the security of a specific system
b) Tests performed without any clear goals
c) Assessments focused only on policy compliance
d) Automated vulnerability scans without human involvement

Correct Answer: Tests with defined objectives like verifying the security of a specific system

Explanation: Goals-based assessments have specific objectives, such as ensuring a point-of-sale system is secure before implementation.
