1)A type of attack that depends on human error rather than on vulnerabilities in the system

1)A type of attack that depends on human error rather than on vulnerabilities in the system.

2. A type of computer attack that in which the intruder engages with the targeted system is known as _______________

3. Assessing security and auditing security mean the same thing.

4. Reconnaissance in information security is used for _______________

5. Which of the following should be covered under the security policy?

6. Which among the following involves evaluating security against a standard to check for complaince?

7. The risk level decreases with increase in the likelihood of potential risk.

8. A process that aims to gain information about a system without directly engaging with the system is known as _______________

9. Which of the following is best used for penetration testing?

10. A continuous service that emulates real-world attackers for the purpose of improving the Blue Team.

11 During the scanning phase of pen testing, which of the following method analyzes an application’s code to determine its behavior during runtime?

12Which among the following emphasizes on the need for security assessments?

13 A pen testing method in which a tester with access to an application behind its firewall imitates an attack that could be caused by a malicious insider.

14 While performing penetration testing, which of the following method is considered to be a more practical way of scanning?

15 Which of the following best finds uncommon and eccentric issues?

16 A type of testing with limited knowledge of the internal working of an application

17 Penetration testing is also called as ethical hacking.

18 Which among the following companies have bug bounty programs?

19 A valuable training exercise that provides a security team with real-time feedback from a hacker’s perspective.

20 Which of the following assessment type works to determine whether a threat made/detected, is genuine?

21 Passive fingerprinting sends and collects traffic to/from the target system.

22 Which of the following is best used with vulnerability assessments?

23 The process that involves analyzing entities like TCP and ICMP to identify an application or an operating system:

24 The type of testing that is best done during the development life cycle process of the in-house software

25 Which of the following can be considered as a sound example of social engineering attack?

26 Which of the following is typically used by threat actors/security analysts trying to determine the security posture of externally accessible assets?

27  Which of the following aims to integrate the defensive tactics and controls from the Blue Team with the threats and vulnerabilities found by the Red Team into a single objective?

Black Team

Green Team

Master Security Team

Purple Team