Q1. Which one of the following is considered the BEST penetration testing method when the organization wants to ascertain the hacking possibilities from external networks to the internal systems?
- Black box testing
- Blue box testing
- Grey box testing
- White box testing
Q2. Vulnerabilities in IT systems are considered:
- Holes or errors
- Software functionality
- Hardware functionality
- None of the above
Q3. Which of the following steps is not part of the vulnerability assessment and penetration testing process?
- Scope
- Result analysis
- Software development
- Reporting
Q4. Common Vulnerabilities and Exposures (CVE) is a:
- Dictionary
- Database
- Software program
- Vulnerability
Q5. The National Vulnerability Database (NVD) provides:
- Common software defects
- Common Vulnerability Scoring System
- Common Vulnerability Sorting System
- Common hardware defects
Q6. If you need to address multi-level security requirements, which of the following models will you choose?
- Take-Grant Model
- Bell-LaPadula Model
- Biba Model
- Clark-Wilson Model
Q7. A boundary condition error results in:
- Buffer overflow
- Buffer reset
- Segmentation fault
- System reset
Q8. Which of the following statements about the Biba model is FALSE?
- Data integrity model
- No read up
- No read down
- No write up
Q9. Which of the following are used as evaluation parameters in Information Technology Security Evaluation Criteria (ITSEC)?
Q10. Which one of the following is a true representation of the protection domain in a Trusted Computer System (TCS)?
- It is a function to control or prevent direct access by an insecure or lower-level entity to a secure or higher-level entity
- It is a function to control or prevent direct access by an insecure or higher-level entity to a secure or higher-level entity
- It is a function to control or prevent direct access by an insecure or higher-level entity to a secure or lower-level entity
- It is a function to control or prevent direct access by an insecure or lower-level entity to an insecure or higher-level entity