Sample questions
Q1. Which one of the following is considered the BEST penetration testing method when the organization wants to ascertain the hacking possibilities from external networks to the internal systems?
Black box testing
Blue box testing
Grey box testing
White box testing
Q2. Vulnerabilities in IT systems are considered:
Holes or errors
Software functionality
Hardware functionality
None of the above
Q3. Which of the following step is not a vulnerability assessment and penetration testing process?
Scope
Result analysis
Software development
Reporting
Q4. Common Vulnerabilities and Exposures (CVE) is a:
Dictionary
Database
Software program
Vulnerability
Q5. The National Vulnerability Database (NVD) provides:
Common Software defects
Common Vulnerability Scoring System
Common Vulnerability Sorting System
Common hardware defects
Q6. If you need to address multi-level security requirements, which of the following models will you choose?
Take-Grant Model
Bell-LaPadula Model
Biba Model
Clark-Wilson Model
Q7. A boundary...