1.  This is information from multiple sources that is available to the general public
    A.     OSINT
    B.     bug bounty
    C.     active reconnaissance
    D.     warflying

2.  _____ are the boundaries of a penetration test.
    A.     persistence
    B.     pivot
    C.     lateral movement
    D.     rules of engagement (RoE)

3.  What do we need from an organization before we legally do a penetration test on an organization?
    A.     permission
    B.     internal network credentials
    C.     nothing
    D.     IP address

4.  _____ is using tools to gain more information.
    A.     cleanup
    B.     pivot
    C.     persistence
    D.     rules of engagement (RoE)

5.  What is a way to detect wireless networks, map location of organization, and determine security settings of an organization?
    A.     OSINT
    B.     warflying
    C.     active reconnaissance
    D.     bug bounty

6.  What of the following involves creating backdoors, alternate user accounts, and setting up encrypted connections?
    A.     privilege escalation
    B.     rules of engagement (RoE)
    C.     pivot
    D.     persistence

7.  In pentesting, these are the referees, so they set the rules of engagement and oversee the testing.
    A.     Red team
    B.     White team
    C.     Purple team
    D.     Blue team

8.  In pentesting, this is the defensive team, so they use security controls to protect network resources.
    A.     White team
    B.     Blue team
    C.     Purple team
    D.     Red team

9.  You are a pentester. You know NOTHING about the system you are testing. What kind of testing are you doing?
    A.     open box testing
    B.     translucent box testing
    C.     cardboard box testing
    D.     closed box testing

10.  What of the following is NOT a legal activity?
    A.     collecting data from a wireless network
    B.     bug bounty
    C.     active reconnaissance
    D.     collecting data from social media