Viewing Page 11 of 26 pages.

Download PDF version with 100 Questions

QUESTION: 41

What does a penetration test do that a Vulnerability Scan does NOT?

A penetration test seeks to actively exploit any known or discovered vulnerabilities.
A penetration test looks for known vulnerabilities and reports them without further action.
A penetration test is always an automated process - a vulnerability scan never is.
A penetration test never uses common tools such as Nrnap, Nessus and Metasploit.

Answer(s): B

Reveal Solution Next Question

QUESTION: 42

Which of the following acronyms covers the real-time analysis of security alerts generated by applications and network hardware?

CERT
SIEM.
CISM.
DDoS.

Answer(s): B

Reference:

https://en.wikipedia.org/wiki/Security_information_and_event_management

Reveal Solution Next Question

James is working with a software programme that completely obfuscates the entire source code, often in the form of a binary executable making it difficult to inspect, manipulate or reverse engineer the original source code.
What type of software programme is this?

Free Source.
Proprietary Source.
Interpreted Source.
Open Source.

Answer(s): C

Reveal Solution Next Question

QUESTION: 44

Which of the following testing methodologies TYPICALLY involves code analysis in an offline environment without ever actually executing the code?

Dynamic Testing.
Static Testing.
User Testing.
Penetration Testing.

Answer(s): D

Reveal Solution Next Question

Viewing page 12 of 26
Viewing questions 41 - 44 out of 100 questions

Post your Comments and Discuss BCS CISMP-V9 exam with other Community members:

Comments:

Name:

Exam Discussions & Posts

bob Commented on February 26, 2025
clarification on the level of standards and policy
UNITED STATES

Lovedeep Commented on March 30, 2024
To other guys out there who are going to take this exam. I want to share with you that this exam is extremely hard. Unless you study a lot and use these exam questions dumps you are not going to pass. I pass my exam after 2 attempt but these questions are word by word and was a live saver.
UNITED KINGDOM

Noobtastic Commented on March 29, 2024
In a security governance framework, which of the following publications would be at the HIGHEST level? the answer should be policy
UNITED KINGDOM

dave Commented on March 29, 2024
Question 8 from the official BCS text book "A policy is a high-level statement of an organisation’s values, goals and objectives in a specific area"
Anonymous

sarra Commented on January 17, 2024
the aaa triad in information security is authentication, accounting and authorisation so the answer should be d 1, 3 and 5.
UNITED KINGDOM

Nikki Commented on November 07, 2023
The AAA Triad in Information Security is Authentication, Accounting and Authorisation so the answer should be D 1, 3 and 5.
UNITED KINGDOM

Free CISMP-V9 Exam Braindumps (page: 12)

QUESTION: 41

QUESTION: 42

Reference:

QUESTION: 43

QUESTION: 44

Exam Discussions & Posts