Appendix A

Answers to the “Do I Know This Already?” Quizzes and Q&A Sections

Answers to the “Do I Know This Already?” Quizzes

Chapter 1

1. a. With a black-box penetration test, the tester is provided with only a very limited amount of information. For instance, the tester may only be provided the domain names and IP addresses that are in scope for a particular target. The idea of this type of limitation is to have the tester take the perspective of an external attacker. Typically, an attacker would first determine a target and then begin to gather information about the target, using public information, and gaining more and more information to use in attacks. The tester would not have prior knowledge of the targets’ organization and infrastructure. ...

Get CompTIA PenTest+ Cert Guide now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.