1 | Page
D487 Lesson 8+9 Questions and Correct
Answers/ Latest Update / Already Graded
authenticated scans
Ans: scans that require software to log onto a system to scan it
external scans
Ans: scans that target security issues that are found outside the firewall
internal scans
Ans: scans to identify security issues that a malicious attacker could exploit from
inside the network
intrusive target search
Ans: scans to exploit a vulnerability when it is identified
Nmap
Ans: a tool used for network scanning and security auditing
open-source software license compliance
Ans: regulations regarding the software licensing of in-house products
open-source software security
Ans: identifying software security within in-house developed software
penetration testing
Ans: an authorized attack of an application to determine its weaknesses
, 2 | Page
range
Ans: a networking laboratory created to conduct vulnerability analysis testing
Ship (A5) phase
Ans: the fifth phase of the security development lifecycle that verifies that the
product complies with security policies (occurs when the security team performs its
final analysis and security review on the applications or software)
SQL injection
Ans: a code injection that might destroy your software
target machine
Ans: a virtual space to practice identifying attack surfaces of the machine
virtualization
Ans: technology used to create software services
vulnerability scan
Ans: explore application and databases to attempt to identify weaknesses
vulnerability sites
Ans: websites with information on the latest known vulnerabilities
The four phases of penetration testing are:
D487 Lesson 8+9 Questions and Correct
Answers/ Latest Update / Already Graded
authenticated scans
Ans: scans that require software to log onto a system to scan it
external scans
Ans: scans that target security issues that are found outside the firewall
internal scans
Ans: scans to identify security issues that a malicious attacker could exploit from
inside the network
intrusive target search
Ans: scans to exploit a vulnerability when it is identified
Nmap
Ans: a tool used for network scanning and security auditing
open-source software license compliance
Ans: regulations regarding the software licensing of in-house products
open-source software security
Ans: identifying software security within in-house developed software
penetration testing
Ans: an authorized attack of an application to determine its weaknesses
, 2 | Page
range
Ans: a networking laboratory created to conduct vulnerability analysis testing
Ship (A5) phase
Ans: the fifth phase of the security development lifecycle that verifies that the
product complies with security policies (occurs when the security team performs its
final analysis and security review on the applications or software)
SQL injection
Ans: a code injection that might destroy your software
target machine
Ans: a virtual space to practice identifying attack surfaces of the machine
virtualization
Ans: technology used to create software services
vulnerability scan
Ans: explore application and databases to attempt to identify weaknesses
vulnerability sites
Ans: websites with information on the latest known vulnerabilities
The four phases of penetration testing are:
