Written by students who passed Immediately available after payment Read online or as PDF Wrong document? Swap it for free 4.6 TrustPilot
logo-home
Exam (elaborations)

Penetration Testing and Network Security Practice Exam questions and correct answers– Updated 2026 (Graded A+) instant download pdf

Rating
-
Sold
-
Pages
33
Grade
A+
Uploaded on
29-06-2026
Written in
2025/2026

Penetration Testing and Network Security Practice Exam questions and correct answers– Updated 2026 (Graded A+) instant download pdf

Institution
Penetration Testing And Network Security
Course
Penetration Testing and Network Security

Content preview

Penetration Testing and Network Security
Practice Exam questions and correct
answers– Updated 2026 (Graded A+) instant
download pdf
Subject: Penetration Testing and Network Security
Subtopic: Reconnaissance

Question 1: During a passive reconnaissance engagement, a security consultant gathers
information about a target organization exclusively from public sources. Which activity best
represents passive reconnaissance?

A) Performing a TCP SYN scan against public servers
B) Conducting DNS zone transfers against the target domain
C) Reviewing employee information from publicly available social media profiles
D) Running vulnerability scanners against exposed hosts

Correct Answer: C - Reviewing employee information from publicly available social media
profiles

Rationale: Passive reconnaissance collects information without directly interacting with target
systems. Public social media data, company websites, and search engine results are typical
passive sources. TCP scans, DNS zone transfers, and vulnerability scans directly interact with
target infrastructure and therefore constitute active reconnaissance activities.



Question 2: A penetration tester performs WHOIS queries and examines publicly available DNS
records before beginning an assessment. The primary objective of these activities is to:

A) Escalate privileges on internal systems
B) Enumerate target infrastructure and ownership information
C) Exploit web applications
D) Bypass firewall controls

Correct Answer: B - Enumerate target infrastructure and ownership information

Rationale: WHOIS and DNS analysis help identify domains, IP ranges, administrators, and
infrastructure components. They support attack surface mapping before active testing begins.
They do not directly exploit systems or bypass security controls.

,Question 3: Which reconnaissance activity presents the lowest likelihood of detection by the
target organization?

A) Full TCP port scan
B) Vulnerability scanning
C) Public search engine analysis
D) Network enumeration

Correct Answer: C - Public search engine analysis

Rationale: Search engine queries occur externally and do not interact directly with the target
environment. Port scanning, vulnerability scanning, and enumeration generate network traffic
that may be detected by security monitoring systems.



Question 4: The primary purpose of reconnaissance during a penetration test is to:

A) Destroy evidence of compromise
B) Identify attack surfaces and potential entry points
C) Remove security controls
D) Install persistence mechanisms

Correct Answer: B - Identify attack surfaces and potential entry points

Rationale: Reconnaissance provides intelligence regarding systems, personnel, technologies,
and infrastructure. This information guides later assessment phases and improves testing
effectiveness.



Question 5: An organization publishes detailed employee directories and technical job
descriptions online. From a security perspective, this information most significantly increases the
risk of:

A) Cryptographic failure
B) Social engineering attacks
C) Wireless interference
D) Database corruption

Correct Answer: B - Social engineering attacks

Rationale: Public employee information assists attackers in crafting convincing phishing
campaigns and impersonation attempts. The information has little direct effect on cryptography,
wireless systems, or database integrity.

,Subtopic: Scanning and Enumeration

Question 6: A network scan identifies ports 22, 80, and 443 as open on a server. The next
appropriate step is:

A) Immediately exploit the server
B) Enumerate services running on the identified ports
C) Disable the firewall
D) Remove the server from the network

Correct Answer: B - Enumerate services running on the identified ports

Rationale: Service enumeration determines software versions, configurations, and potential
vulnerabilities. Exploitation should occur only after adequate information gathering and
authorization.



Question 7: Enumeration differs from scanning because enumeration primarily focuses on:

A) Discovering live hosts only
B) Collecting detailed information about identified services and resources
C) Blocking network traffic
D) Performing cryptographic analysis

Correct Answer: B - Collecting detailed information about identified services and
resources

Rationale: Scanning identifies systems and open ports, while enumeration gathers deeper
information such as usernames, shares, services, and configurations.



Question 8: Which result from a scan most likely indicates a potential attack surface?

A) Closed ports exclusively
B) Unreachable hosts
C) Exposed administrative services accessible from external networks
D) Disabled network interfaces

Correct Answer: C - Exposed administrative services accessible from external networks

Rationale: Administrative services exposed externally may provide unauthorized access
opportunities. Closed ports and unreachable hosts generally present lower risk.

, Question 9: The principle of least privilege is most relevant during enumeration because:

A) Attackers seek unnecessary administrative access
B) Encryption is required for scanning
C) Firewalls prevent all attacks
D) Vulnerabilities cannot exist on user accounts

Correct Answer: A - Attackers seek unnecessary administrative access

Rationale: Excessive permissions increase the value of compromised accounts and simplify
lateral movement and privilege escalation.



Question 10: Which scenario demonstrates effective enumeration?

A) Identifying an IP address only
B) Determining software versions and service configurations on a target host
C) Disconnecting the host from the network
D) Deleting system logs

Correct Answer: B - Determining software versions and service configurations on a target
host

Rationale: Detailed service information assists in vulnerability identification and risk
assessment.



Subtopic: Vulnerability Assessment

Question 11: The primary objective of a vulnerability assessment is to:

A) Exploit every identified weakness
B) Identify and prioritize security weaknesses
C) Destroy malicious software
D) Recover deleted files

Correct Answer: B - Identify and prioritize security weaknesses

Rationale: Vulnerability assessments focus on discovering and evaluating risks rather than
exploiting systems. Remediation prioritization is a critical outcome.

Written for

Institution
Penetration Testing and Network Security
Course
Penetration Testing and Network Security

Document information

Uploaded on
June 29, 2026
Number of pages
33
Written in
2025/2026
Type
Exam (elaborations)
Contains
Questions & answers

Subjects

$23.99
Get access to the full document:

Wrong document? Swap it for free Within 14 days of purchase and before downloading, you can choose a different document. You can simply spend the amount again.
Written by students who passed
Immediately available after payment
Read online or as PDF

Get to know the seller
Seller avatar
Edgarexamhub

Get to know the seller

Seller avatar
Edgarexamhub teach me-2
View profile
Follow You need to be logged in order to follow users or courses
Sold
-
Member since
4 days
Number of followers
0
Documents
78
Last sold
-

0.0

0 reviews

5
0
4
0
3
0
2
0
1
0

Recently viewed by you

Why students choose Stuvia

Created by fellow students, verified by reviews

Quality you can trust: written by students who passed their tests and reviewed by others who've used these notes.

Didn't get what you expected? Choose another document

No worries! You can instantly pick a different document that better fits what you're looking for.

Pay as you like, start learning right away

No subscription, no commitments. Pay the way you're used to via credit card and download your PDF document instantly.

Student with book image

“Bought, downloaded, and aced it. It really can be that simple.”

Alisha Student

Working on your references?

Create accurate citations in APA, MLA and Harvard with our free citation generator.

Working on your references?

Frequently asked questions