412-79 Practice Test

John, a penetration tester, was asked for a document that defines the project, specifies
goals, objectives, deadlines, the resources required, and the approach of the project.
Which of the following includes all of these requirements?

A.

Penetration testing project plan

B.

Penetration testing software project management plan

C.

Penetration testing project scope report

D.

Penetration testing schedule plan

Before performing the penetration testing, there will be a pre-contract discussion with
different pen-testers (the team of penetration testers) to gather a quotation to perform pen
testing.

Which of the following factors is NOT considered while preparing a price quote to perform
pen testing?

A.

Total number of employees in the client organization

B.

Type of testers involved

C.

The budget required

D.

Expected time required to finish the project

Identify the injection attack represented in the diagram below:

A.

XPath Injection Attack

B.

 XML Request Attack

C.

XML Injection Attack

D.

Frame Injection Attack

Which of the following password hashing algorithms is used in the NTLMv2 authentication
mechanism?

A.

AES

B.

DES (ECB mode)

C.

MD5

D.

RC5

Why is a legal agreement important to have before launching a penetration test?

A.

Guarantees your consultant fees

B.

Allows you to perform a penetration test without the knowledge and consent of the
organization's upper management

C.

 It establishes the legality of the penetration test by documenting the scope of the project
and the consent of the company.

D.

It is important to ensure that the target organization has implemented mandatory
security policies