COMPTIA SECURITY+ CERTIFICATION
EXAM SY0-601 PRACTICE TEST 7
V
A penetration test performed by an authorized professional with the full prior knowledge on how the
system that is to be tested works is called:
Black-hat hacking
White-box testing
Black-box testing
White-hat hacking - White-box testing
A penetration test of a computer system performed without the prior knowledge on how the system
that is to be tested works is referred to as a black-box testing.
True
False - True
Which of the following terms is used to describe a penetration test in which the person conducting the
test has a limited access to information on the internal workings of the targeted system?
Black-box testing
Fuzz testing
Gray-box testing
White-box testing - Gray-box testing
In penetration testing, passive reconnaissance relies on gathering information on the targeted system
with the use of various non-invasive software tools and techniques, such as pinging, port scanning, or OS
fingerprinting.
True
False - False
In penetration testing, active reconnaissance involves gathering any type of publicly available
information that can be used later for exploiting vulnerabilities found in the targeted system.
True
False - False
An optimal Wireless Access Point (WAP) antenna placement provides a countermeasure against:
War chalking
, Spoofing
War driving
Insider threat - War driving
Which of the following statements does not apply to the concept of OSINT?
Gaining advantage over competitors
Passive reconnaissance in penetration testing
Preparation before launching a cyberattack
Active reconnaissance in penetration testing - Active reconnaissance in penetration testing
In cybersecurity exercises, red team takes on the role of:
An attacker
A defender
Both an attacker and a defender
An exercise overseer - An attacker
In cybersecurity exercises, the defending team is referred to as:
Red team
Blue team
White team
Purple team - Blue team
In cybersecurity exercises, the role of an event overseer (i.e. the referee) is delegated to:
Red team
Blue team
White team
Purple team - White team
Physical and logical network diagrams provide visual representation of network architecture. A physical
network diagram contains information on hardware devices and physical links between them. A logical
network diagram describes the actual traffic flow on a network and provides information related to IP
addressing schemes, subnets, device roles, or protocols that are in use on the network.
True
False - True
In cybersecurity exercises, purple team combines the roles of all other teams (i.e. red, blue, and white).
EXAM SY0-601 PRACTICE TEST 7
V
A penetration test performed by an authorized professional with the full prior knowledge on how the
system that is to be tested works is called:
Black-hat hacking
White-box testing
Black-box testing
White-hat hacking - White-box testing
A penetration test of a computer system performed without the prior knowledge on how the system
that is to be tested works is referred to as a black-box testing.
True
False - True
Which of the following terms is used to describe a penetration test in which the person conducting the
test has a limited access to information on the internal workings of the targeted system?
Black-box testing
Fuzz testing
Gray-box testing
White-box testing - Gray-box testing
In penetration testing, passive reconnaissance relies on gathering information on the targeted system
with the use of various non-invasive software tools and techniques, such as pinging, port scanning, or OS
fingerprinting.
True
False - False
In penetration testing, active reconnaissance involves gathering any type of publicly available
information that can be used later for exploiting vulnerabilities found in the targeted system.
True
False - False
An optimal Wireless Access Point (WAP) antenna placement provides a countermeasure against:
War chalking
, Spoofing
War driving
Insider threat - War driving
Which of the following statements does not apply to the concept of OSINT?
Gaining advantage over competitors
Passive reconnaissance in penetration testing
Preparation before launching a cyberattack
Active reconnaissance in penetration testing - Active reconnaissance in penetration testing
In cybersecurity exercises, red team takes on the role of:
An attacker
A defender
Both an attacker and a defender
An exercise overseer - An attacker
In cybersecurity exercises, the defending team is referred to as:
Red team
Blue team
White team
Purple team - Blue team
In cybersecurity exercises, the role of an event overseer (i.e. the referee) is delegated to:
Red team
Blue team
White team
Purple team - White team
Physical and logical network diagrams provide visual representation of network architecture. A physical
network diagram contains information on hardware devices and physical links between them. A logical
network diagram describes the actual traffic flow on a network and provides information related to IP
addressing schemes, subnets, device roles, or protocols that are in use on the network.
True
False - True
In cybersecurity exercises, purple team combines the roles of all other teams (i.e. red, blue, and white).
