1. What is the primary goal of penetration testing? a. Attempt to uncover deep vulnerabilities and then manually exploit them b. Scan a network for open FTP ports c. Perform SYN DOS attack towards a server in a network d. Attempt to perform an automated scan to discover vulnerabilities
2. There is often confusion between vulnerability scanning and penetration testing. What is the best explanation of the difference between vulnerability scanning and penetration testing? a. Vulnerability scanning is performed using an automated tool to scan a network known vulnerability signatures. Penetration testing involves attempting to manually uncover deep vulnerabilities just as a threat actor would, and then exploiting them. b. Vulnerability scanning checks a network for outdated versions of services. Penetration testing is attempting to manually uncover deep vulnerabilities just a threat actor would, and then exploiting them. c. Vulnerability scanning is performed by manually scanning a network for known vulnerabilities. Penetration testing is attempting to manually scan a network for known vulnerability signatures using an advanced scanning tool. d. Vulnerability scanning checks a network for open ports and services. Penetratic testing is attempting to manually scan a network for known vulnerability signatu using an advanced scanning tool. 3. Khalid joins a security team where he is assigned an SOC developer role and has to build different teams under SOC. Which of the following teams should he build to deal with providing real-time feedback related to security incidents and threat detections, which can then be utilized to facilitate better prioritization of threats and a mature way of detecting threats? a. Red team b. Blue team c. Purple team d. White team