Mod 01 Introduction to Penetration Testing 1. A flaw in software, hardware, or procedures is known as what? a. A vulnerability b. An exploit c. An attack d. A mistake ANSWER: a RATIONALE: A vulnerability is a flaw in the software, hardware, or procedures that if exploited, can cause undesired operations, or can be used to circumvent security controls. POINTS: 1 QUESTION TYPE: Multiple Choice HAS VARIABLES: False LEARNING OBJECTIVES: Wils.Pentest+1E.24.1.1 - Describe the penetration testing process and its phases, activities, and team members. ACCREDITING STANDARDS: Wils.PTO-002.24.1.3 - Given a scenario, demonstrate an ethical hacking mindset by maintaining professionalism and integrity. TOPICS: 1.1 What, Why, When, How, and Who? KEYWORDS: Bloom's: Remember/Understand DATE CREATED: 3/28/2023 5:31 PM DATE MODIFIED: 3/28/2023 5:31 PM 2. The National Institute of Standards and Technology (NIST) provides Special Publications to assist IT personnel and companies in establishing procedures that govern information systems. Which Special Publication (SP) is the technical guide to information systems testing and assessment? a. SP 800-53 b. SP 800-100 c. SP 800-128 d. SP 800-115 ANSWER: d RATIONALE: The SP 800-115 is the Technical Guide to Information Security Testing and Assessment. POINTS: 1 QUESTION TYPE: Multiple Choice HAS VARIABLES: False LEARNING OBJECTIVES: Wils.Pentest+1E.24.1.1 - Describe the penetration testing process and its phases, activities, and team members.