Review Questions
You can find the answers in the Appendix.
- Tom is running a penetration test in a web application and discovers a flaw that allows him to shut down the web server remotely. What goal of penetration testing has Tom most directly achieved?
  - Disclosure
  - Integrity
  - Alteration
  - Denial
- Brian ran a penetration test against a school’s grading system and discovered a flaw that would allow students to alter their grades by exploiting a SQL injection vulnerability. What type of control should he recommend to the school’s cybersecurity team to prevent students from engaging in this type of activity?
  - Confidentiality
  - Integrity
  - Alteration
  - Availability
- Edward Snowden gathered a massive quantity of sensitive information from the National Security Agency and released it to the media. What type of attack did he wage?
  - Disclosure
  - Denial
  - Alteration
  - Availability
- Assuming no significant changes in an organization’s cardholder data environment, how often does...