This type of testing simulates attacks to determine the feasibility of an attack.
What is Penetration testing?
This popular port scanning tool is known for its versatility and range of features.
What is Nmap?
This type of vulnerability allows attackers to gain unauthorized access to a system.
What is unauthorized access?
This security principle emphasizes the importance of least privilege.
What is Least privilege?
This process involves examining the protective measures in place on an operational network.
What is Security Test and Evaluation?
This tool combines SIM and SEM to provide real-time reporting and analysis of security events.
What is SIEM?
This type of attack involves flooding a target with traffic to disrupt its operations.
What is Denial of Service (DoS)?
This type of malware replicates itself and spreads to other systems.
What is Virus/Worm?
Three types of network security tests
What are Penetration testing, network scanning, vulnerability scanning, password cracking, log review, integrity checkers, virus detection?
This vulnerability scanning software focuses on remote access, misconfigurations, and DoS attacks.
What is Nessus?
This type of vulnerability arises from flaws in software code.
What is Software vulnerability?
This security framework provides a structured approach to managing IT security risks.
What is NIST Cybersecurity Framework?
The difference between vulnerability scanning and penetration testing
What is vulnerability scanning identifies potential weaknesses, while penetration testing actively exploits them to assess the impact?
This password auditing tool is used to test and detect weak passwords.
What is L0phtCrack?
This type of attack involves injecting malicious code into a website or application.
Cross-site scripting (XSS)
This security certification demonstrates expertise in ethical hacking and penetration testing.
What is Certified Ethical Hacker (CEH)?
The 5 steps involved in conducting a penetration test
What are (1) Planning and reconnaissance, (2) Scanning, (3) Gaining access, (4) Maintaining access, (5) Covering tracks?
This framework provides information about vulnerabilities and aids in penetration testing.
What is Metasploit?
This type of attack involves tricking users into revealing sensitive information.
What is Phishing?
This security principle emphasizes the importance of defense in depth.
Defense in depth