412-79 Practice Test

Amazon Consulting Corporation provides penetration testing and managed security
services to companies. Legalityand regulatory compliance is one of the important
components in conducting a successful security audit.
Before starting a test, one of the agreements both the parties need to sign relates to
limitations, constraints, liabilities, code of conduct, and indemnification considerations
between the parties.

Which agreement requires a signature from both the parties (the penetration tester and the
company)?

A.

Non-disclosure agreement

B.

Client fees agreement

C.

Rules of engagement agreement

D.

Confidentiality agreement

Which of the following pen testing reports provides detailed information about all the tasks
performed during penetration testing?

A.

Client-Side Test Report

B.

Activity Report

C.

Host Report

D.

Vulnerability Report

TCP/IP model isa framework for the Internet Protocol suite of computer network protocols that defines the communication in an IP-based network. It provides end-to-end connectivity
specifying how data should be formatted, addressed, transmitted, routed and received at
the destination. This functionality has been organized into four abstraction layers which are
used to sort all related protocols according to the scope of networking involved.

Which of the following TCP/IP layers selects the best path through the network for packets
to travel?

A.

Transport layer

B.

Network Access layer

C.

Internet layer

D.

Application layer

Identify the person who will lead the penetration-testing project and be the client point of
contact.

A.

Database Penetration Tester

B.

Policy Penetration Tester

C.

Chief Penetration Tester

D.

Application Penetration Tester

What are placeholders (or markers) in an HTML document that the web server will
dynamically replace with data just before sending the requested documents to a browser?

A.

Server Side In

B.

Sort Server Includes

C.

Server Sort Includes

D.

Slide Server Includes