Chapter 11 ■ Practice Test 3
A. SYN
B. ACK
C. FIN/ACK
D. SYN/ACK
- Chris is conducting reconnaissance on a remote target and discovers that pings are
allowed through his target’s border firewall. What can he learn by using ping to probe the
remote network?
A. Which systems respond to ping, a rough network topology, and potentially the
location of additional firewalls
B. A list of all of the systems behind the target’s firewall
C. The hostnames and time to live (TTL) for each pingable system, and the ICMP types
allowed through the firewall
D. Router advertisements, echo request responses, and potentially which hosts are
tarpitted
- What access management concept defines what rights or privileges a user has?
A. Identification
B. Accountability
C. Authorization
D. Authentication
- Which one of the following is not a classification level commonly found in commercial
data classification schemes?
A. Secret
B. Sensitive
C. Confidential
D. Public
- Files, databases, computers, programs, processes, devices, and media are all examples of
what?
A. Subjects
B. Objects
C. File stores
D. Users
- Danielle is testing tax software, and part of her testing process requires her to input a
variety of actual tax forms to verify that the software produces the right answers. What type
of testing is Danielle performing?
A. Use case testing
B. Dynamic testing
C. Fuzzing
D. Misuse testing