Self review: Plan of attack Quiz Answers
In this article i am gone to share Coursera Course: Cybersecurity Tools and Technologies | Self review: Plan of attack Quiz Answers with you..
Enrol Link: Cybersecurity Tools and Technologies
Self review: Plan of attack Quiz Answers
Instructions
Overview
In the Plan of attack exercise, you had to demonstrate your understanding of previous exercises and topics by organizing a white box penetration test for Sam’s Scoops’ network that is carried out within the Azure environment. The task has four steps:
Formulate a comprehensive penetration testing plan that replicates real-world infrastructure and apps and includes the five main stages of a Penetration test: Reconnaissance, Enumeration, Exploitation, Escalation, and lastly, Reporting and Remediation.
And craft a Network Architecture Diagram that includes an explanation of its key components and structure.
Now that you’ve completed the steps, you can use the following questions to help you make sure that you understood the task correctly.
Overview
Congratulations on completing the Plan of attack course project, where you formulated a complete penetration testing plan and developed a network architecture diagram for Sam’s Scoops. Now it’s time to reflect on your application of key skills and concepts throughout the exercise. This self-review quiz will assess your understanding of the key concepts and how effectively you applied them to complete the exercise.
Question 1)
When conducting a penetration test, which of the below represents the initial phase of the test?
- Enumeration
- Exploitation
- Escalation
- Reconnaissance
Question 2)
Which of the following tools is recommended for conducting automated network scanning during the enumeration phase of a penetration test?
- Metasploit
- Azure security center
- Nmap
- OWASP Webgoat
Question 3)
During a penetration test, what is the purpose of maintaining access through backdoors or persistent scripts?
- To ensure continued access for further testing.
- To demonstrate data security risks.
- To escalate privileges.
- To exploit vulnerabilities.
Question 4)
What is the importance of a Network Architecture Diagram in a penetration testing plan?
- It shows the timeline for conducting the test.
- It lists all vulnerabilities found during testing.
- It outlines the legal and compliance considerations.
- It provides a visual representation of the network structure.
Question 5)
What is the purpose of a debriefing session with stakeholders after penetration testing?
- To escalate identified vulnerabilities to senior management.
- To celebrate the successful completion of testing.
- To obtain permission to conduct the penetration test.
- To discuss findings, remediation plans, and lessons learned.
Question 6)
In the context of penetration testing, what is the primary goal of the exploitation phase?
- To escalate privileges on the target system.
- To gather information about Azure resources.
- To develop security policies.
- To identify vulnerabilities in the target system.
Question 7)
What should be the focus when prioritizing vulnerabilities in a penetration testing report?
- The order in which they were discovered.
- The complexity of remediation steps.
- Their criticality, potential impact, and exploitability.
- The number of vulnerabilities identified.
Question 8)
What is the purpose of the Rules of Engagement in a penetration testing plan?
- To celebrate the successful completion of testing.
- To escalate identified vulnerabilities to senior management.
- To obtain legal and regulatory approvals.
- To define the scope, testing hours, and limitations of the test.
Question 9)
When conducting a penetration test, what is considered the primary goal of the escalation phase?
- To escalate privileges on the target system.
- To conduct ethical hacking principles.
- To maintain access through backdoors or persistent scripts.
- To exploit vulnerabilities.
Question 10)
What is the purpose of the Communication Plan in a penetration testing project?
- To develop security policies.
- To establish communication channels for reporting progress and findings.
- To prioritize vulnerabilities.
- To obtain permission to conduct the penetration test.