Footprinting is a first step that a penetration tester used to evaluate the security of any IT infrastructure, footprinting means to gather the maximum information about the computer system or a network and about the devices that are attached to this network.
References: http://www.ehacking.net/2011/02/footprinting-first-step-of-ethical.html

Incorrect Answers:

B: Bluejacking is the sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs or laptop computers, sending a vCard which typically contains a message in the name field (i.e., for bluedating or bluechat) to another Bluetooth-enabled device via the OBEX protocol.

C: BlueSmack is a Bluetooth attack that knocks out some Bluetooth-enabled devices immediately. This Denial of Service attack can be conducted using standard tools that ship with the official Linux Bluez utils package.
D: Bluesnarfing is the unauthorized access of information from a wireless device through a Bluetooth connection, often between phones, desktops, laptops, and PDAs (personal digital assistant.). This allows access to a calendar, contact list, emails and text
messages, and on some phones, users can copy pictures and private videos.
References: https://en.wikipedia.org/wiki/Bluejacking
http://trifinite.org/trifinite_stuff_bluesmack.html
https://en.wikipedia.org/wiki/Bluesnarfing

There are two main types of biometric identifiers:

1. Physiological characteristics: The shape or composition of the body.
2. Behavioral characteristics: The behavior of a person.
Examples of physiological characteristics used for biometric authentication include fingerprints; DNA; face, hand, retina or ear features; and odor. Behavioral characteristics are related to the pattern of the behavior of a person, such as typing rhythm, gait, gestures
and voice.

References: http://searchsecurity.techtarget.com/definition/biometrics

The Internet Printing Protocol (IPP) uses port 631.

References: https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

The goals of penetration tests are:

1. Determine feasibility of a particular set of attack vectors
2. Identify high-risk vulnerabilities from a combination of lower-risk vulnerabilities exploited in a particular sequence
3. Identify vulnerabilities that may be difficult or impossible to detect with automated network or application vulnerability scanning software
4. Assess the magnitude of potential business and operational impacts of successful attacks
5. Test the ability of network defenders to detect and respond to attacks
6. Provide evidence to support increased investments in security personnel and technology
References: https://en.wikipedia.org/wiki/Penetration_test

grep is a command-line utility for searching plain-text data sets for lines matching a regular expression.

References: https://en.wikipedia.org/wiki/Grep

A boot sector virus is a computer virus that infects a storage device’s master boot record (MBR). The virus moves the boot sector to another location on the hard drive.

References: https://www.techopedia.com/definition/26655/boot-sector-virus

The top item of the OWASP 2013 OWASP’s Top Ten Project Most Critical Web Application Security Risks is injection.
Injection flaws, such as SQL, OS, and LDAP injection occur when untrusted data is sent to an interpreter as part of a command or query. The attackers hostile data can trick the interpreter into executing unintended commands or accessing data without proper authorization.

References: https://www.owasp.org/index.php/Top_10_2013-Top_10

The activities within the incident management process include:
Incident detection and recording

Classification and initial support
Investigation and analysis
Resolution and record
Incident closure
Incident ownership, monitoring, tracking and communication
Establish incident framework management
Evaluation of incident framework management
References: https://en.wikipedia.org/wiki/Incident_management_(ITSM)#Incident_management_procedure