IT Questions Bank What initial information can be obtained when performing user enumeration in a penetration test?ITExamAnswers asked 10 months ago • Ethical HackerHow is open-source intelligence (OSINT) gathering typically implemented during a penetration test?ITExamAnswers asked 10 months ago • Ethical HackerA threat actor is looking at the IT and technical job postings of a target organization. What would be the most beneficial information to capture from these postings?ITExamAnswers asked 10 months ago • Ethical HackerWhat is the purpose of applying the Common Vulnerability Scoring System (CVSS) to a vulnerability detected by a penetration test?ITExamAnswers asked 10 months ago • Ethical HackerWhy is the Common Vulnerabilities and Exposures (CVE) resource useful when investigating vulnerabilities detected by a penetration test?ITExamAnswers asked 10 months ago • Ethical HackerWhen a penetration test identifies a vulnerability, how should the vulnerability be further verified?ITExamAnswers asked 10 months ago • Ethical HackerWhat is the disadvantage of running a TCP Connect scan compared to running a TCP SYN scan during a penetration test?ITExamAnswers asked 10 months ago • Ethical HackerWhat can be deduced when a tester enters the nmap -sF command to perform a TCP FIN scan and the target host port does not respond?ITExamAnswers asked 10 months ago • Ethical HackerWhat is the purpose of host enumeration when beginning a penetration test?ITExamAnswers asked 10 months ago • Ethical HackerWhy would a penetration tester use the nmap -sF command?ITExamAnswers asked 10 months ago • Ethical HackerIn which circumstance would a penetration tester perform an unauthenticated scan of a target?ITExamAnswers asked 10 months ago • Ethical HackerWhat is required for a penetration tester to conduct a comprehensive authenticated scan against a Linux host?ITExamAnswers asked 10 months ago • Ethical HackerWhat is the disadvantage of conducting an unauthenticated scan of a target when performing a penetration test?ITExamAnswers asked 10 months ago • Ethical HackerWhat type of server is a penetration tester enumerating when they enter the nmap -sU command?ITExamAnswers asked 10 months ago • Ethical HackerWhy would a penetration tester perform a passive reconnaissance scan instead of an active one?ITExamAnswers asked 10 months ago • Ethical Hacker