Chapter 6 ■ Security Assessment and Testing (Domain 6) 137
PlanningReportingInformation
Gathering and
DiscoveryVulnerability
Exploitation Scanning- What task is the most important during Phase 1, Planning?
A. Building a test lab
B. Getting authorization
C. Gathering appropriate tools
D. Determining if the test is white, black, or gray box- Which of the following tools is most likely to be used during discovery?
A. Nessus
B. john
C. Nmap
D. Nikto- Which of these concerns is the most important to address during planning to ensure that
the reporting phase does not cause problems?
A. Which CVE format to use
B. How the vulnerability data will be stored and sent
C. Which targets are off-limits
D. How long the report should be