CISSP Practice Quiz: Domain 6 Security Assessment and Testing Quiz 1

1. When running a port scan on a system, what result will the scanner return if the firewall is allowing access to a port but the system is not accepting connections on that port?
2. Mark would like to run a basic port scan against his systems using a free tool that is designed specifically for that purpose. What tool should he use?
3. Diana runs a port scan on a system and detects that port 22 is open and accepting connections. What Linux utility normally runs on port 22?
4. Chris would like to run a network vulnerability scan against his web server. Which one of the following tools is best suited for the task?
5. Which one of the following vulnerabilities would be best detected using a web application vulnerability scanner?
6. Matt is performing a penetration test on behalf of a client. Before the engagement began, the client provided him with detailed information about the target system. What type of penetration test is Matt performing?
7. Yolanda is testing a new software package for vulnerabilities and creates input for use in her tests using the zzuf tool. What specific type of test is zzuf designed to assist with?
8. Mike discovers that an attacker is network scanning his systems and captures the packets used in the test. He finds that they have the FIN, PSH and URG TCP flags set to true. What type of attack is underway?
9. Ricky is scanning his network for systems with ports openly accessible from the Internet and discovers the following four ports open on a number of systems. Which one is the greatest cause for concern?
10. Which one of the following transitions is not acceptable during a code review using the Fagan inspection process?