Skip to main content

Cyber Security - Penetration Testing MCQs and Solutions

Hello everyone! 
These Multiple Choice Questions are based on Penetration Testing which is also known as pen-testing. Pen-testing is related to computer security where legal professionals try to find out vulnerabilities of the system by attacking it. Here are some of the important and frequently asked questions of penetration testing.

Q 1) Penetration testing __________.

a. Does not determine the critical vulnerabilities 
b. Cannot be used to identify the vulnerabilities left undetected by automated vulnerability scanners 
c. Can evaluate the security of system or network
d. Is an unauthorized attempt to exploit a computer system

Solution: c. Can evaluate the security of system or network

Q 2) Before performing any penetration test through legal procedure, which key points listed below is not mandatory?

a. Know the nature of the organization
b. System and network
c. Characteristics of work done in the firm
d. Type of broadband company used by the firm

Solution: d. Type of broadband company used by the firm

Q 3) A penetration tester must identify and keep in mind the _______ requirements of a firm while evaluating the security postures.

a. Privacy and security
b. Rules and regulations
c. Hacking techniques
d. Ethics to talk to sensors

Solution: a. Privacy and security

Q 4) Which of the following is a test where in the pen-tester has partial knowledge about the target system/network?

a. Black box testing
b. White box testing
c. Gray box testing
d. Blue box testing

Solution: c. Gray box testing

Q 5) Which of the following are ways to conduct penetration testing?

a. Black Box testing, White Box testing, Gray Box Testing
b. Black Box testing, Red Box Testing, Gray Box Testing
c. White Box testing, Brown Box Testing, Red Box Testing
d. None of the above

Solution: a. Black Box testing, White Box testing, Gray Box Testing

Q 6) Find the wrong statement about penetration testing.

a. It is an unintentional attack
b. Pen-testing is used for security assessment
c. Pen testing improves the security of the system
d. Pen testing does discovers security weaknesses

Solution: a. It is an unintentional attack

Q 7) Which of the following is one of the important documents to be signed before the penetration test to safeguard interest of the concerned parties?

a. Non-disclosure agreement
b. Legal agreement
c. Service level agreement
d. All of these

Solution: a. Non-disclosure agreement

Q 8) ______ remains the same in both internal and external testing.

a. Target
b. Attacker
c. Both target and attacker
d. None of them

Solution: a. Target

Q 9) Pen testers will use _____ to protect the possibility of data leakage and to add another layer of security.

a. Code review
b. Vulnerability scan
c. Manual testing
d. All of them

Solution: a. Code review

Q 10) __________ saves time and resources, but is not accurate or professional.

a. Automated pen-testing
b. Manual pen-testing
c. Both of them
d. None of them

Solution: a. Automated pen-testing

Q 11) Identify the benefits of using automated tools.
                A:Faster           B:Computerized
                C:Accurate      D:In-depth coverage

a. A and D
b. C and D
c. A and B
d. B and C

Solution: c. A and B

Q 12) Identify the disadvantages of using automated tools. 
                A: Fast             
                B: Dependency on the vendor’s database 
                C: Only tests technical flow 
                D: Computerized

a. Only B
b. Only D
c. A and C
d. B and C

Solution: d. B and C

Q 13) Manual pen-testing requires ______ .
            A:Less planning                  B:Schedule 
            C:Attack design                  D:Automated tools

a. Only B
b. Only D
c. C and D
d. B and C

Solution: d. B and C

Q 14) Pick out the merits of manual testing. 
             A: Dependency on the skill of the tester         
             B: Accuracy 
             C: Possibility of forgetting                             
             D: Familiarity with new threats

a. B and C
b. B and D
c. C and D
d. All of them

Solution: b. B and D

Q 15) What are the disadvantages of manual testing? 
                 A. Awareness to new attack vendors 
                 B. Tests for both technical and business/logic flow 
                 C. Does not cover the entire system 
                 D. Slow

a. Only A
b. Only C
c. C and D
d. A and C

Solution: c. C and D

Labels:
Location: India

Comments

Post a Comment

Popular posts from this blog

Connecting GitHub with Jenkins - Step by step Tutorial

Hello Everyone, In this tutorial, we will learn how to create a New Item (Project), connect Git and GitHub to Jenkins and run the files from the Git repository on Jenkins. Jenkins is an open-source automation tool written in Java with plugins built for Continuous Integration purposes. Jenkins is used to build and test your software projects continuously making it easier for developers to integrate changes to the project, and making it easier for users to obtain a fresh build. Facing trouble with the installation of Jenkins? Click here to know more. NOTE: It is mandatory to install plugins for Git and GitHub before connecting your GitHub repository to Jenkins. If you're using Jenkins for the first time, you need to install the plugins. To know more about these plugins, check out Git and GitHub Plugins for Jenkins . This tutorial demonstrates executing python code which requires separate plugins. Know more about Python Plugi...
Post a Comment
Read more

Statistics - MCQs

STATISTICS  This article contains few statistics MCQs related to mean, median, mode and standard deviation, asked in TCS Freshers placements. Q 1) The mean of the median, the mode and the range of the following data: 15, 10, 17, 13, 25, 17, 11, 18, 14, 19, 12, 20 a. 15 b. 16(2/3) c. 16 d. 15(1/3) Solution: c) 16 Arrange the data in increasing order- 10,11,12,13,14,15,17,17,18,19,20,25 Median = (Sum of the middle two terms)/2 = (15+17) /2 = 16 Mode = Number repeating the most number of times = 17 Range =10 to 25 = 15 Mean of median, mode and range = (16+17+15) /3 =16 Q 2) What is the mean of the mode and the median on the following data? 12, 28, 26, 27, 17, 16, 22, 25, 15, 16,...
Post a Comment
Read more

IoE (Internet of Everything) Question Paper Solution (MCQs) for 2020 Mumbai University Examination Information Technology Semester 8

Hello Everyone! This article is based on the Multiple Choice Questions asked in the University Exam for the subject Internet of Everything. These MCQs were asked in the 2020 Mumbai University-BE-Information Technology-Semester 8 Exam for the subject- Internet of Everything. The question paper for each cluster is different. These MCQs were asked in the examination of one cluster. The question paper had 25 MCQs of 2 marks each. Q 1) ________ involves making smaller and smaller things with the ability to connect and interact. a. Smart Tech b. Micro Tech c. RFID Tech d. Nano Tech Solution: d) Nano Tech Q 2) RFID stands for? a. Radio frequency identification b. Random frequency identification c. Random frequen...
Post a Comment
Read more