nerdexam
Exams312-50V9Questions#215
EC-Council

312-50V9 · Question #215

312-50V9 Question #215: Real Exam Question with Answer & Explanation

The correct answer is A: Explain to the CIO that you cannot eliminate all risk, but you will be able to reduce risk to. The goals of penetration tests are: 1. Determine feasibility of a particular set of attack vectors 2. Identify high-risk vulnerabilities from a combination of lower-risk vulnerabilities exploited in a particular sequence 3. Identify vulnerabilities that may be difficult or imposs

Question

You've just been hired to perform a pen test on an organization that has been subjected to a large-scale attack. The CIO is concerned with mitigating threats and vulnerabilities to totally eliminate risk. What is one of the first things you should do when given the job?

Options

  • AExplain to the CIO that you cannot eliminate all risk, but you will be able to reduce risk to
  • BInterview all employees in the company to rule out possible insider threats.
  • CEstablish attribution to suspected attackers.
  • DStart the wireshark application to start sniffing network traffic.

Explanation

The goals of penetration tests are: 1. Determine feasibility of a particular set of attack vectors 2. Identify high-risk vulnerabilities from a combination of lower-risk vulnerabilities exploited in a particular sequence 3. Identify vulnerabilities that may be difficult or impossible to detect with automated network or application vulnerability scanning software 4. Assess the magnitude of potential business and operational impacts of successful attacks 5. Test the ability of network defenders to detect and respond to attacks 6. Provide evidence to support increased investments in security personnel and technology https://en.wikipedia.org/wiki/Penetration_test

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 312-50V9 Practice
You've just been hired to perform a pen test on an organization... | 312-50V9 Q#215 Answer | NerdExam