D487 Lesson 8+9 Questions with Detailed Verified Answers
Question: authenticated scans
Ans: scans that require software to log onto a system to scan it
Question: external scans
Ans: scans that target security issues that are found outside the firewall
Question: internal scans
Ans: scans to identify security issues that a malicious attacker could exploit
from inside the network
Question: intrusive target search
Ans: scans to exploit a vulnerability when it is identified
Question: Nmap
Ans: a tool used for network scanning and security auditing
Question: open-source software license compliance
Ans: regulations regarding the software licensing of in-house products
Question: open-source software security
Ans: identifying software security within in-house developed software
Question: penetration testing
Ans: an authorized attack of an application to determine its weaknesses
Question: range
Ans: a networking laboratory created to conduct vulnerability analysis testing
Question: Ship (A5) phase
Ans: the fifth phase of the security development lifecycle that verifies that the
product complies with security policies (occurs when the security team
performs its final analysis and security review on the applications or software)
Question: SQL injection
Ans: a code injection that might destroy your software
Question: target machine
Ans: a virtual space to practice identifying attack surfaces of the machine
Question: virtualization
Ans: technology used to create software services
Question: vulnerability scan
Ans: explore application and databases to attempt to identify weaknesses
Question: vulnerability sites
Ans: websites with information on the latest known vulnerabilities
Question: The four phases of penetration testing are:
Ans: 1) assess
2) identify
3) evaluate and plan
4) deploy