Chapter 5: Vulnerability
Assessments | Comprehensive
Practice Test | Study Guide
Newest Actual Questions &
Answers (A+ Guide solutions)
2025 | 2026.
Quiz_________________?
Xavier is doing reconnaissance using a tool that pulls information from social media postings
that were made using location services. He is gathering information about a company and its
employees by going through their social media content.
What tool is MOST likely being used? -
Answer✅
Echosec
Quiz_________________?
What information will be returned from the following Google search? -
Answer✅
Excel documents with the word "password" in the title, but not from .gov and .gov.uk
websites.
Quiz_________________?
A network security engineer provided a report to the operations manager with a large
amount of public information that is accessible solely from the company's website.
1
,For example, the report shows email addresses and other company phone numbers on a
graph that would otherwise be known internally.
What tool did the network security engineer most likely use to gather this information with
little effort? -
Answer✅
Maltego
Quiz_________________?
When performing an authorized security audit of a website, you are given only the website
address and asked to find other hosts on that network that might be vulnerable to attack.
Which of the following tools might be used to lead you to the following Nmap output?
(Select two.) -
Answer✅
- whois.org
- nslookup
Quiz_________________?
A company has hired a security analyst to perform a comprehensive information gathering
and reconnaissance phase of a penetration testing engagement.
The analyst needs to use a tool that can automate gathering information about a target and
performing reconnaissance on the target network.
Which of the following tools is best suited for this task? -
Answer✅
Recon-ng
2
, Quiz_________________?
A network administrator is using Nmap to scan a target host for open ports.
Which Nmap scan type is known for being a fast and stealthy technique? -
Answer✅
TCP SYN
Quiz_________________?
Iggy, a penetration tester, is conducting an unknown penetration test. She wants to do
reconnaissance by gathering information about ownership, IP addresses, domain name,
locations, and server types.
Which of the following tools would be MOST helpful? -
Answer✅
Whois
Quiz_________________?
An attacker needs the following information about his target: domain ownership, domain
names, IP addresses, and server types.
Which tool is BEST matched for this operation? -
Answer✅
Whois
Quiz_________________?
You would like to extend the functionality of the Nmap tool to let you perform tasks such
as basic vulnerability detection performance and Windows user account discovery.
Which of the following would allow you to extend that functionality? -
Answer✅
3
Assessments | Comprehensive
Practice Test | Study Guide
Newest Actual Questions &
Answers (A+ Guide solutions)
2025 | 2026.
Quiz_________________?
Xavier is doing reconnaissance using a tool that pulls information from social media postings
that were made using location services. He is gathering information about a company and its
employees by going through their social media content.
What tool is MOST likely being used? -
Answer✅
Echosec
Quiz_________________?
What information will be returned from the following Google search? -
Answer✅
Excel documents with the word "password" in the title, but not from .gov and .gov.uk
websites.
Quiz_________________?
A network security engineer provided a report to the operations manager with a large
amount of public information that is accessible solely from the company's website.
1
,For example, the report shows email addresses and other company phone numbers on a
graph that would otherwise be known internally.
What tool did the network security engineer most likely use to gather this information with
little effort? -
Answer✅
Maltego
Quiz_________________?
When performing an authorized security audit of a website, you are given only the website
address and asked to find other hosts on that network that might be vulnerable to attack.
Which of the following tools might be used to lead you to the following Nmap output?
(Select two.) -
Answer✅
- whois.org
- nslookup
Quiz_________________?
A company has hired a security analyst to perform a comprehensive information gathering
and reconnaissance phase of a penetration testing engagement.
The analyst needs to use a tool that can automate gathering information about a target and
performing reconnaissance on the target network.
Which of the following tools is best suited for this task? -
Answer✅
Recon-ng
2
, Quiz_________________?
A network administrator is using Nmap to scan a target host for open ports.
Which Nmap scan type is known for being a fast and stealthy technique? -
Answer✅
TCP SYN
Quiz_________________?
Iggy, a penetration tester, is conducting an unknown penetration test. She wants to do
reconnaissance by gathering information about ownership, IP addresses, domain name,
locations, and server types.
Which of the following tools would be MOST helpful? -
Answer✅
Whois
Quiz_________________?
An attacker needs the following information about his target: domain ownership, domain
names, IP addresses, and server types.
Which tool is BEST matched for this operation? -
Answer✅
Whois
Quiz_________________?
You would like to extend the functionality of the Nmap tool to let you perform tasks such
as basic vulnerability detection performance and Windows user account discovery.
Which of the following would allow you to extend that functionality? -
Answer✅
3
