03 - Penetration Testing

 1. A penetration test, colloquially known as a pen test, is an _______________________ on a computer system, performed to evaluate the security of the system

  authorized simulated attack

  authorised and irreversibly destructive attack (such that the system will not recover)

  unauthorised simulated attack

  unauthorised unsimulated attack

 2. Fill in the blanks in the following excerpt on pen testing.
The test is performed to identify both ___________ (also referred to as vulnerabilities), including the potential for unauthorized parties to gain access to the system's features and data, as well as ________, enabling a full risk assessment to be completed.

  weaknesses / strengths

  viruses / malware

  potential hackers / good anti-virus firewalls

  malware / encryption weaknesses

 3. The process typically identifies the ____________ and a particular goal—then reviews available information and undertakes various means to attain the goal

  target systems

  hacker in question

  government

  PC monitor under investigation

 4. There are typically two well-known types of penetration test targets. What are they?

  Normal and Boundary

  Red and Yellow

  Fluid and Static

  Black and White

 5. Penetration testing can never be carried out manually by individuals who are capable of carrying out attacks.

  FALSE

  TRUE

 6. Hackers that carry out penetration testing are sometimes called:

  penepen testers

  Boundary testers

  There is no such thing - only computer systems can penetration test, not humans

  ethical hackers or white-hat hackers

 7. White box testing assumes knowledge of the internals of the systems.

  FALSE

  TRUE

 8. White box testing would simulate an attack from someone with:

  a vague if not non-existent knowledge of the system

  a detailed and insider knowledge of the system

  Very little knowledge of the system (hence the term 'white'), limited to the system colours

  absolutely no knowledge of the system except for its location and name

 9. The aim of black box testing may be to:

  see if the system can be contained in a black box

  see if the system meets the criteria of the 'black book' held by the government

  simulate an attack on the system with full knowledge of the inside of the system and the code.

  simulate a full on cyberwarfare attack (e.g. flooding the servers with more requests than can be handled)

 10. Under budget and time constraints, ______ is a common technique that discovers vulnerabilities. It aims to get an unhandled error through random input.
You may need to research this one!

  muzzing

  nuzzing

  fuzzing

  kuzzing