Question 1

Which of the following biases involves making a decision before investigating and then only looking for data that supports the theory?&#10;A) Present bias&#10;B) Framing effect&#10;C) Confirmation bias&#10;D) Availability bias

Accepted Answer

Confirmation bias involves making a decision or forming a belief and then seeking out or interpreting information in a way that confirms that belief, while ignoring or dismissing evidence that contradicts it.

Question 2

What term describes an expansion of a test beyond the initial set of the test's limitations?

Accepted Answer

Creep

Question 3

At which level of penetration testing are testers given limited knowledge of the network and some elevated privileges?&#10;A) Gray box&#10;B) White box&#10;C) Black box&#10;D) Yellow box

Accepted Answer

Gray box testing involves testers having limited knowledge of the network and some elevated privileges, allowing them to simulate an insider threat.

Question 4

______________ bias tends to discount future risks and gains in favor of immediate gratification.

Accepted Answer

The answer of ______________ bias tends to discount future risks...

Question 5

Which of the following is not considered an advantage of contracting with an external third party to conduct a penetration test?&#10;A) Expertise&#10;B) Focus&#10;C) Experience&#10;D) Cost

Accepted Answer

Contracting with an external third party for penetration testing can be costly compared to using internal resources.

Question 6

What is the process of turning binary machine language back into source code?&#10;A) Reverse engineering&#10;B) Disassembling&#10;C) Decomposition&#10;D) Decompensation

Accepted Answer

The answer of What is the process of turning binary...

Question 7

What term describes a network of vendors, manufacturers, and distributors that move a product from the supplier to the customer?

Accepted Answer

The answer of What term describes a network of vendors,...

Question 8

Which of the following is the isolation of malware from interaction with a computer's operating system, hardware, and files?&#10;A) Disassembling&#10;B) Sandboxing&#10;C) Decompiling&#10;D) Reverse engineering

Accepted Answer

Sandboxing is a security mechanism used to isolate running programs, such as malware, from interacting with the operating system, hardware, and files, thereby preventing potential harm.

Question 9

A risk matrix is a visual color-coded tool that lists the impact and likelihood of risks.

Accepted Answer

A risk matrix is designed to visually represent the severity and probability of risks using a color-coded system, helping to prioritize risk management efforts.

Question 10

For software, a digital representation or _______________ of the original file can be created and then compared against a later version of the file; if the two versions match, the code has not changed.

Accepted Answer

The answer of For software, a digital representation or _______________...

Deck 4: Exploring Penetration Testing