CompTIA Security Plus Mock Test Q703

Which of the following is a penetration testing method?

A. Searching the WHOIS database for administrator contact information
B. Running a port scanner against the target’s network
C. War driving from a target’s parking lot to footprint the wireless network
D. Calling the target’s help desk, requesting a password reset

Correct Answer: D
Section: Threats and Vulnerabilities

Explanation:
A penetration test is a proactive and authorized attempt to evaluate the security of an IT infrastructure by safely attempting to exploit system vulnerabilities, including OS, service and
application flaws, improper configurations, and even risky end-user behavior. Such assessments are also useful in validating the efficacy of defensive mechanisms, as well as end users’
adherence to security policies.
Penetration testing evaluates an organization’s ability to protect its networks, applications, endpoints and users from external or internal attempts to circumvent its security controls to
gain unauthorized or privileged access to protected assets. Test results validate the risk posed by specific security vulnerabilities or flawed processes, enabling IT management and
security professionals to prioritize remediation efforts. By embracing more frequent and comprehensive penetration testing, organizations can more effectively anticipate emerging
security risks and prevent unauthorized access to critical systems and valuable information.
Penetration tests are not always technically clever attempts to access a network. If the target’s help desk resets a password on request without requiring proof that the caller is
authorized to request a password change, the tester can easily gain access to the network.

Incorrect Answers:
A: The WHOIS database lists the administrative contacts for domain names such as comptia.com. This information is freely available to anyone. Searching the WHOIS database for
administrator contact information is not a penetration test. You are not attempting to access a network or system by searching the WHOIS database.
B: Running a port scanner against the target’s network would determine a list of ports open on the firewall. While this could be classed as the reconnaissance part of a penetration test,
by running the port scan, you are not actively attempting to access the network.
C: Footprinting the wireless network (measuring the range of the wireless network) is not a penetration test. By performing this action, you are not attempting to access a network or
system.

References:
http://www.coresecurity.com/penetration-testing-overview