Free CISMP-V9 Exam Braindumps (page: 12)

Page 11 of 26

What does a penetration test do that a Vulnerability Scan does NOT?

  1. A penetration test seeks to actively exploit any known or discovered vulnerabilities.
  2. A penetration test looks for known vulnerabilities and reports them without further action.
  3. A penetration test is always an automated process - a vulnerability scan never is.
  4. A penetration test never uses common tools such as Nrnap, Nessus and Metasploit.

Answer(s): B



Which of the following acronyms covers the real-time analysis of security alerts generated by applications and network hardware?

  1. CERT
  2. SIEM.
  3. CISM.
  4. DDoS.

Answer(s): B


Reference:

https://en.wikipedia.org/wiki/Security_information_and_event_management



James is working with a software programme that completely obfuscates the entire source code, often in the form of a binary executable making it difficult to inspect, manipulate or reverse engineer the original source code.
What type of software programme is this?

  1. Free Source.
  2. Proprietary Source.
  3. Interpreted Source.
  4. Open Source.

Answer(s): C



Which of the following testing methodologies TYPICALLY involves code analysis in an offline environment without ever actually executing the code?

  1. Dynamic Testing.
  2. Static Testing.
  3. User Testing.
  4. Penetration Testing.

Answer(s): D






Post your Comments and Discuss BCS CISMP-V9 exam with other Community members:

Exam Discussions & Posts