Question
2-- When comparing vulnerability scanning and penetration testing to each other, which statement is true? Group of answer choices Vulnerability scanning generally uses a passive
2-- When comparing vulnerability scanning and penetration testing to each other, which statement is true?
Group of answer choices
Vulnerability scanning generally uses a passive approach, and penetration testing uses a more active approach.
Vulnerability scanning is conducted by a white hat, and penetration testing is carried out by a black hat.
Vulnerability scanning is a reconnaissance technique, but penetration testing is not.
Penetration testing and vulnerability scanning are considered ethical hacking practices.
3-- Arrange the following steps in the correct order for establishing a security policy.
Group of answer choices
(1) Analyze risks to security; (2) Obtain support and commitment throughout the organization; (3) review, test, and update procedures; (4) Implement controls that detect and prevent losses combined with a disaster recovery plan
(1) Analyze risks to security; (2) Obtain support and commitment throughout the organization; (3) Implement controls that detect and prevent losses combined with a disaster recovery plan; (4) Review, test, and update procedures
(1) Obtain support and commitment throughout the organization; (2) Analyze risks to security; (3) review, test, and update procedures; (4) Implement controls that detect and prevent losses combined with a disaster recovery plan.
(1) Obtain support and commitment throughout the organization; (2) Analyze risks to security; (3) Implement controls that detect and prevent losses combined with a disaster recovery plan; (4) Review, test, and update procedures
4-- What is Open Source Intelligence (OSINT)?
Group of answer choices
The means the organization will take to protect the confidentiality, availability, and integrity of sensitive data and resources.
Obtaining information, physical access to premises, or even access to a user account through the art of persuasion.
Using software tools to obtain information about a host or network topology.
Using web search tools and social media to obtain information about the target.
5-- Analyze and eliminate the item that is NOT an example of a reconnaissance technique.
Group of answer choices
Initial exploitation
Open Source Intelligence (OSINT)
Scanning
Social engineering
6 -- A hacker has established a Command and Control network to control a compromised host. What is the ability of the hacker to use this remote connection method as needed known as?
Group of answer choices
Reconnaissance
Persistence
Pivoting
Weaponization
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started