CISSP Official Practice Tests by Mike Chapple, David Seidl

(chelsyfait) #1

Chapter 6 ■ Security Assessment and Testing (Domain 6) 147



  1. Ken is designing a testing process for software developed by his team. He is designing a
    test that verifies that every line of code was executed during the test. What type of analysis
    is Ken performing?
    A. Branch coverage
    B. Condition coverage
    C. Function coverage
    D. Statement coverage


For questions 85–87, please refer to the following scenario. During a port scan, Ben uses
nmap’s default settings and sees the following results.


  1. If Ben is conducting a penetration test, what should his next step be after receiving these
    results?
    A. Connect to the web server using a web browser.
    B. Connect via Telnet to test for vulnerable accounts.
    C. Identify interesting ports for further scanning.
    D. Use sqlmap against the open databases.

  2. Based on the scan results, what operating system (OS) was the system that was scanned
    most likely running?
    A. Windows Desktop
    B. Linux
    C. Network device
    D. Windows Server

Free download pdf