ISC2 Exam CSSLP Topic 2 Question 46 Discussion

Actual exam question for ISC2's Certified Secure Software Lifecycle Professional exam

Question #: 46
Topic #: 2

[All Certified Secure Software Lifecycle Professional Questions]

You work as a security manager for BlueWell Inc. You are performing the external vulnerability testing, or penetration testing to get a better snapshot of your organization's security posture. Which of the following penetration testing techniques will you use for searching paper disposal areas for unshredded or otherwise improperly disposed-of reports?

ASniffing

BScanning and probing

CDumpster diving

DDemon dialing

Show Suggested Answer

Suggested Answer: C

Dumpster diving technique is used for searching paper disposal areas for unshredded or otherwise improperly disposed-of reports.

Answer B is incorrect. In scanning and probing technique, various scanners, like a port scanner, can reveal information about a

network's infrastructure and enable an intruder to access the network's unsecured ports.

Answer D is incorrect. Demon dialing technique automatically tests every phone line in an exchange to try to locate modems that are

attached to the network.

Answer A is incorrect. In sniffing technique, protocol analyzer can be used to capture data packets that are later decoded to collect

information such as passwords or infrastructure configurations.

by Winfred at May 08, 2022, 06:48 PM

Limited Time Offer

25%

Off

Get Premium CSSLP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!