IT Questions Bank Mar 16, 2020 Last Updated: Jun 29, 2023 No Comments Share Tweet Share Pin it IT Questions Bank › Category: Ethical HackerWhat is the purpose of applying the Common Vulnerability Scoring System (CVSS) to a vulnerability detected by a penetration test?ITExamAnswers asked 10 months ago • Ethical HackerWhy is the Common Vulnerabilities and Exposures (CVE) resource useful when investigating vulnerabilities detected by a penetration test?ITExamAnswers asked 10 months ago • Ethical HackerWhen a penetration test identifies a vulnerability, how should the vulnerability be further verified?ITExamAnswers asked 10 months ago • Ethical HackerWhat is the disadvantage of running a TCP Connect scan compared to running a TCP SYN scan during a penetration test?ITExamAnswers asked 10 months ago • Ethical HackerWhat can be deduced when a tester enters the nmap -sF command to perform a TCP FIN scan and the target host port does not respond?ITExamAnswers asked 10 months ago • Ethical HackerWhat is the purpose of host enumeration when beginning a penetration test?ITExamAnswers asked 10 months ago • Ethical HackerWhy would a penetration tester use the nmap -sF command?ITExamAnswers asked 10 months ago • Ethical HackerIn which circumstance would a penetration tester perform an unauthenticated scan of a target?ITExamAnswers asked 10 months ago • Ethical HackerWhat is required for a penetration tester to conduct a comprehensive authenticated scan against a Linux host?ITExamAnswers asked 10 months ago • Ethical HackerWhat is the disadvantage of conducting an unauthenticated scan of a target when performing a penetration test?ITExamAnswers asked 10 months ago • Ethical HackerWhat type of server is a penetration tester enumerating when they enter the nmap -sU command?ITExamAnswers asked 10 months ago • Ethical HackerWhy would a penetration tester perform a passive reconnaissance scan instead of an active one?ITExamAnswers asked 10 months ago • Ethical HackerWhich specification defines the format used by image and sound files to capture metadata?ITExamAnswers asked 10 months ago • Ethical HackerWhen performing passive reconnaissance, which Linux command can be used to identify the technical and administrative contacts of a given domain?ITExamAnswers asked 10 months ago • Ethical HackerWhich two tools could be used to gather DNS information passively? (Choose two.)ITExamAnswers asked 10 months ago • Ethical Hacker