GIAC
GPEN · Question #433
GPEN Question #433: Real Exam Question with Answer & Explanation
Sign in or unlock GPEN to reveal the answer and full explanation for question #433. The question stem and answer options stay visible for context.
Question
You have been contracted to perform a black box pen test against the Internet facing servers for a company. They want to know, with a high level of confidence, if their servers are vulnerable to external attacks. Your contract states that you can use all tools available to you to pen test the systems. What course of action would you use to generate a report with the lowest false positive rate?
Options
- AUse a port scanner to find open service ports and generate a report listing allvulnerabilities
- BUse a vulnerability or port scanner to find listening services and then try to exploitthose
- CUse a vulnerability scanner to generate a report of vulnerable services.
- DLog into the system and record the patch levels of each service then generate areport that
Unlock GPEN to see the answer
You've previewed enough free GPEN questions. Unlock GPEN for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.