Chapter 1 - Security Fundamentals Module C: Vulnerability Assessment
What element of a vulnerability assessment compares security performance to existing security configuration documents? A. Architecture review B. Baseline review C. Code review D. Design review
B. Baseline review. The existing security configuration is your current security baseline.
A vulnerability scan can be intrusive or non-intrusive. True or false? A. True B. False
A. True. Intrusive scans are less invasive than penetration tests, but can still raise alarms or even cause system errors.
While conducting a penetration test, you've just managed to get access to an important server. The main problem is that you got it through a session hijacking attack that took both luck and precise timing, and your access might be cut off at any time. Given limited time, what should your next step be? A. Escalate privileges B. Establish persistence C. Perform reconnaissance D. Pivot
B. Establish persistence. The next step would be to establish persistence, because the access you gained could be cut off at any time.
What steps might be taken as part of a vulnerability scan? Choose all that apply. A. Bypassing security controls B. Exploiting vulnerabilities C. Finding open ports D. Identifying vulnerabilities E. Passively testing security controls
C. Finding open ports; D. Identifying vulnerabilities; E. Passively testing security controls. Bypassing security controls and exploiting vulnerabilities would only be part of a penetration test, while the others can be part of a vulnerability scan.
What kind of penetration test involves a tester with full knowledge of your network configuration? A. Black box B. Black hat C. White box D. White hat
C. White box. White box tests give testers full knowledge of the system, while black box tests require testers to gather information themselves.