Practice Test Questions

24 Jun

Posted at 17:36h in Practice Test Questions by

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies. Tina is an independent security researcher who tests the security of systems of large corporations. She is working with a large automotive supplier to test the security of their systems. What term best describes Tina's work on this engagement? A. Black hat B. Blue hat C. White hat D. Grey hat Correct Answer: C Tina is working under an authorized contract, so her work is clearly that of a white hat hacker. White hats do not need to be employees of the company being tested, they merely must be authorized to do their work. If Tina was working without permission, but intended to report results only to the target company, her work would be considered grey hat. If she had malicious intent, she would be a black hat hacker. Blue hat is not a term commonly used to categorize attackers. Interested in more practice test questions? Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...

24 Jun

Posted at 16:30h in Practice Test Questions by

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies. Alan is assessing the results of a penetration test and discovered that the attackers managed to install a back door on one of his systems. What activity were the attackers most likely engaged in when they installed the back door? A. Pivoting B. Privilege Escalation C. Lateral Movement D. Persistence Correct Answer: D Back doors are an example of a persistence technique. They are designed to allow the attacker to regain access to the system even after the original flaw they exploited is patched. Pivoting and lateral movement techniques are used to switch targets after gaining initial access to an environment. Privilege escalation techniques are used to gain administrative privileges after obtaining access to a standard user account   Interested in more practice test questions?   Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...

24 Jun

Posted at 13:34h in Practice Test Questions by

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies. Jan is working as a team member during a cybersecurity exercise. As part of her work, she is researching and testing different tactics that her team might use to gain access to target systems. What team is Jan most likely a member of? A. Blue team B. Purple team C. Red team D. White team Correct Answer: C Jan is helping her team research tactics to attack systems, which is an example of an offensive operation. During a cybersecurity exercise, the red team is responsible for conducting offensive operations, while the blue team conducts defensive operations. The white team consists of the officials who moderate the exercise and arbitrate rules disputes. Purple teaming occurs after the exercise when the red and blue teams come together to discuss tactics and lessons learned.   Interested in more practice test questions?   Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...