{"id":117,"date":"2021-01-17T05:23:05","date_gmt":"2021-01-16T17:56:29","guid":{"rendered":"https:\/\/exampracticetests.com\/ISC\/CSSLP\/secure-software-lifecycle-professional-csslp-question109\/"},"modified":"2021-01-17T05:27:06","modified_gmt":"2021-01-17T05:27:06","slug":"secure-software-lifecycle-professional-csslp-question109","status":"publish","type":"post","link":"https:\/\/exampracticetests.com\/ISC\/CSSLP\/secure-software-lifecycle-professional-csslp-question109\/","title":{"rendered":"Secure Software Lifecycle Professional &#8211; CSSLP &#8211; Question109"},"content":{"rendered":"<div class=\"question\">Penetration testing (also called pen testing) is the practice of testing a computer system, network, or Web application to find vulnerabilities that an attacker could exploit. Which of the following areas can be exploited in a penetration test? Each correct answer represents a complete solution. Choose all that apply. <br \/><strong><br \/>A.<\/strong> Kernel flaws <br \/><strong>B.<\/strong> Information system architectures <br \/><strong>C.<\/strong> Race conditions <br \/><strong>D.<\/strong> File and directory permissions <br \/><strong>E.<\/strong> Buffer overflows <br \/><strong>F.<\/strong> Trojan horses <br \/><strong>G.<\/strong> Social engineering<\/div>\n<p><\/p>\n<style> .hidden-div{ display:none } <\/style>\n<p>\t\t\t\t\t\t\t<button onclick=\"getElementById('hidden-div').style.display = 'block'\"> Show Answer <\/button> <button onclick=\"getElementById('hidden-div').style.display = 'none'\">Hide Answer<\/button><\/p>\n<div class=\"hidden-div\" id=\"hidden-div\"><span style=\"\"><\/p>\n<div class=\"answer\">Correct Answer: <strong>ACDEFG<\/strong><\/div>\n<p><strong>Explanation:<\/strong> <\/p>\n<div class=\"explanation\">\nExplanation: Penetration testing (also called pen testing) is the practice of testing a computer system, network, or Web application to find vulnerabilities that an attacker could exploit. Following are the areas that can be exploited in a penetration test: Kernel flaws: Kernel flaws refer to the exploitation of kernel code flaws in the operating system. Buffer overflows: Buffer overflows refer to the exploitation of a software failure to properly check for the length of input data. This overflow can cause malicious behavior on the system. Race conditions: A race condition is a situation in which an attacker can gain access to a system as a privileged user. File and directory permissions: In this area, an attacker exploits weak permissions restrictions to gain unauthorized access of documents. Trojan horses: These are malicious programs that can exploit an information system by attaching themselves in valid programs and files. Social engineering: In this technique, an attacker uses his social skills and persuasion to acquire valuable information that can be used to conduct an attack against a system.<\/div>\n<p><\/strong><\/span> <\/div>\n","protected":false},"excerpt":{"rendered":"<p>Penetration testing (also called pen testing) is the practice of testing a computer system, network, or Web application to find vulnerabilities that an attacker could exploit. Which of the following areas can be exploited in a penetration test? Each correct answer represents a complete solution. Choose all that apply. A. Kernel flaws B. Information system [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[353,112,3],"class_list":["post-117","post","type-post","status-publish","format-standard","hentry","category-secure-software-lifecycle-professional-csslp","tag-choices","tag-question-109","tag-secure-software-lifecycle-professional-csslp"],"_links":{"self":[{"href":"https:\/\/exampracticetests.com\/ISC\/CSSLP\/wp-json\/wp\/v2\/posts\/117","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/exampracticetests.com\/ISC\/CSSLP\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/exampracticetests.com\/ISC\/CSSLP\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/exampracticetests.com\/ISC\/CSSLP\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/exampracticetests.com\/ISC\/CSSLP\/wp-json\/wp\/v2\/comments?post=117"}],"version-history":[{"count":1,"href":"https:\/\/exampracticetests.com\/ISC\/CSSLP\/wp-json\/wp\/v2\/posts\/117\/revisions"}],"predecessor-version":[{"id":468,"href":"https:\/\/exampracticetests.com\/ISC\/CSSLP\/wp-json\/wp\/v2\/posts\/117\/revisions\/468"}],"wp:attachment":[{"href":"https:\/\/exampracticetests.com\/ISC\/CSSLP\/wp-json\/wp\/v2\/media?parent=117"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/exampracticetests.com\/ISC\/CSSLP\/wp-json\/wp\/v2\/categories?post=117"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/exampracticetests.com\/ISC\/CSSLP\/wp-json\/wp\/v2\/tags?post=117"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}