TEST BANK
CompTIA Pentest+ Guide To Penetration
Testing, 1st Edition by Rob S. Wilson
Complete Chapters Test Bank
are included (Ch 1 to 14)
** Immediate Download
** Swift Response
** All Chapters included
,Table of Contents are given below
1. Introduction to Penetration Testing.
2. Setting Up a Penetration Testing Lab.
3. Planning and Scoping.
4. Information Gathering.
5. Performing Vulnerability Scanning.
6. Exploitation Methods and Tools.
7. Network Attacks and Attack Vectors.
8. Wireless and Specialized Systems Attack Vectors and
Attacks.
9. Application-Based Attack Vectors and Attacks.
10. Host Attack Vectors and Cloud Technologies Attacks.
11. Social Engineering and Physical Attacks.
12. Reporting and Communication.
13. Writing and Understanding Code.
14. The Final Penetration Testing Project.
,Name: Class: Date:
Mod 01 Introduction to Penetration Testing
1. A flaw in software, hardware, or procedures is known as what?
a. A vulnerability
b. An exploit
c. An attack
d. A mistake
ANSWER: a
RATIONALE: A vulnerability is a flaw in the software, hardware, or procedures that if exploited,
can cause undesired operations, or can be used to circumvent security controls.
POINTS: 1
QUESTION TYPE: Multiple Choice
HAS VARIABLES: False
LEARNING OBJECTIVES: Wils.Pentest+1E.24.1.1 - Describe the penetration testing process and its phases,
activities, and team members.
ACCREDITING STANDARDS: Wils.PTO-002.24.1.3 - Given a scenario, demonstrate an ethical hacking mindset by
maintaining professionalism and integrity.
TOPICS: 1.1 What, Why, When, How, and Who?
KEYWORDS: Bloom's: Remember/Understand
DATE CREATED: 3/28/2023 5:31 PM
DATE MODIFIED: 3/28/2023 5:31 PM
2. The National Institute of Standards and Technology (NIST) provides Special Publications to assist IT
personnel and companies in establishing procedures that govern information systems. Which Special
Publication (SP) is the technical guide to information systems testing and assessment?
a. SP 800-53
b. SP 800-100
c. SP 800-128
d. SP 800-115
ANSWER: d
RATIONALE: The SP 800-115 is the Technical Guide to Information Security Testing and
Assessment.
POINTS: 1
QUESTION TYPE: Multiple Choice
HAS VARIABLES: False
LEARNING OBJECTIVES: Wils.Pentest+1E.24.1.1 - Describe the penetration testing process and its phases,
activities, and team members.
ACCREDITING STANDARDS: Wils.PTO-002.24.1.3 - Given a scenario, demonstrate an ethical hacking mindset by
maintaining professionalism and integrity.
TOPICS: 1.1 What, Why, When, How, and Who?
KEYWORDS: Bloom's: Remember/Understand
DATE CREATED: 3/28/2023 5:31 PM
Page 1
, Name: Class: Date:
Mod 01 Introduction to Penetration Testing
DATE MODIFIED: 3/28/2023 5:31 PM
3. How often should penetration tests be performed for segmentation controls under the PCI DSS?
a. Quarterly
b. Monthly
c. Annually
d. Semi-annually
ANSWER: d
RATIONALE: Under the PCI DSS Requirement 11.3, segmentation controls should be tested
semi-annually, or when changes are made to those controls.
POINTS: 1
QUESTION TYPE: Multiple Choice
HAS VARIABLES: False
LEARNING OBJECTIVES: Wils.Pentest+1E.24.1.1 - Describe the penetration testing process and its phases,
activities, and team members.
ACCREDITING STANDARDS: Wils.PTO-002.24.1.3 - Given a scenario, demonstrate an ethical hacking mindset by
maintaining professionalism and integrity.
TOPICS: 1.1 What, Why, When, How, and Who?
KEYWORDS: Bloom's: Remember/Understand
DATE CREATED: 3/28/2023 5:31 PM
DATE MODIFIED: 3/28/2023 5:31 PM
4. The CIA triad includes all the following except?
a. Confidentiality
b. Availability
c. Intelligence
d. Integrity
ANSWER: c
RATIONALE: Confidentiality, integrity, and availability are the known concepts of the CIA
triad.
POINTS: 1
QUESTION TYPE: Multiple Choice
HAS VARIABLES: False
LEARNING OBJECTIVES: Wils.Pentest+1E.24.1.1 - Describe the penetration testing process and its phases,
activities, and team members.
ACCREDITING STANDARDS: Wils.PTO-002.24.1.3 - Given a scenario, demonstrate an ethical hacking mindset by
maintaining professionalism and integrity.
TOPICS: 1.2 CIA, DAD, and the Hacker Mindset
KEYWORDS: Bloom's: Remember/Understand
DATE CREATED: 3/28/2023 5:31 PM
DATE MODIFIED: 3/28/2023 5:31 PM
Page 2
CompTIA Pentest+ Guide To Penetration
Testing, 1st Edition by Rob S. Wilson
Complete Chapters Test Bank
are included (Ch 1 to 14)
** Immediate Download
** Swift Response
** All Chapters included
,Table of Contents are given below
1. Introduction to Penetration Testing.
2. Setting Up a Penetration Testing Lab.
3. Planning and Scoping.
4. Information Gathering.
5. Performing Vulnerability Scanning.
6. Exploitation Methods and Tools.
7. Network Attacks and Attack Vectors.
8. Wireless and Specialized Systems Attack Vectors and
Attacks.
9. Application-Based Attack Vectors and Attacks.
10. Host Attack Vectors and Cloud Technologies Attacks.
11. Social Engineering and Physical Attacks.
12. Reporting and Communication.
13. Writing and Understanding Code.
14. The Final Penetration Testing Project.
,Name: Class: Date:
Mod 01 Introduction to Penetration Testing
1. A flaw in software, hardware, or procedures is known as what?
a. A vulnerability
b. An exploit
c. An attack
d. A mistake
ANSWER: a
RATIONALE: A vulnerability is a flaw in the software, hardware, or procedures that if exploited,
can cause undesired operations, or can be used to circumvent security controls.
POINTS: 1
QUESTION TYPE: Multiple Choice
HAS VARIABLES: False
LEARNING OBJECTIVES: Wils.Pentest+1E.24.1.1 - Describe the penetration testing process and its phases,
activities, and team members.
ACCREDITING STANDARDS: Wils.PTO-002.24.1.3 - Given a scenario, demonstrate an ethical hacking mindset by
maintaining professionalism and integrity.
TOPICS: 1.1 What, Why, When, How, and Who?
KEYWORDS: Bloom's: Remember/Understand
DATE CREATED: 3/28/2023 5:31 PM
DATE MODIFIED: 3/28/2023 5:31 PM
2. The National Institute of Standards and Technology (NIST) provides Special Publications to assist IT
personnel and companies in establishing procedures that govern information systems. Which Special
Publication (SP) is the technical guide to information systems testing and assessment?
a. SP 800-53
b. SP 800-100
c. SP 800-128
d. SP 800-115
ANSWER: d
RATIONALE: The SP 800-115 is the Technical Guide to Information Security Testing and
Assessment.
POINTS: 1
QUESTION TYPE: Multiple Choice
HAS VARIABLES: False
LEARNING OBJECTIVES: Wils.Pentest+1E.24.1.1 - Describe the penetration testing process and its phases,
activities, and team members.
ACCREDITING STANDARDS: Wils.PTO-002.24.1.3 - Given a scenario, demonstrate an ethical hacking mindset by
maintaining professionalism and integrity.
TOPICS: 1.1 What, Why, When, How, and Who?
KEYWORDS: Bloom's: Remember/Understand
DATE CREATED: 3/28/2023 5:31 PM
Page 1
, Name: Class: Date:
Mod 01 Introduction to Penetration Testing
DATE MODIFIED: 3/28/2023 5:31 PM
3. How often should penetration tests be performed for segmentation controls under the PCI DSS?
a. Quarterly
b. Monthly
c. Annually
d. Semi-annually
ANSWER: d
RATIONALE: Under the PCI DSS Requirement 11.3, segmentation controls should be tested
semi-annually, or when changes are made to those controls.
POINTS: 1
QUESTION TYPE: Multiple Choice
HAS VARIABLES: False
LEARNING OBJECTIVES: Wils.Pentest+1E.24.1.1 - Describe the penetration testing process and its phases,
activities, and team members.
ACCREDITING STANDARDS: Wils.PTO-002.24.1.3 - Given a scenario, demonstrate an ethical hacking mindset by
maintaining professionalism and integrity.
TOPICS: 1.1 What, Why, When, How, and Who?
KEYWORDS: Bloom's: Remember/Understand
DATE CREATED: 3/28/2023 5:31 PM
DATE MODIFIED: 3/28/2023 5:31 PM
4. The CIA triad includes all the following except?
a. Confidentiality
b. Availability
c. Intelligence
d. Integrity
ANSWER: c
RATIONALE: Confidentiality, integrity, and availability are the known concepts of the CIA
triad.
POINTS: 1
QUESTION TYPE: Multiple Choice
HAS VARIABLES: False
LEARNING OBJECTIVES: Wils.Pentest+1E.24.1.1 - Describe the penetration testing process and its phases,
activities, and team members.
ACCREDITING STANDARDS: Wils.PTO-002.24.1.3 - Given a scenario, demonstrate an ethical hacking mindset by
maintaining professionalism and integrity.
TOPICS: 1.2 CIA, DAD, and the Hacker Mindset
KEYWORDS: Bloom's: Remember/Understand
DATE CREATED: 3/28/2023 5:31 PM
DATE MODIFIED: 3/28/2023 5:31 PM
Page 2
