You have been contracted to perform a black box pen test against the Internet facing servers for a company. They want to know, with a high level of confidence, if their servers are vulnerable to external attacks. Your contract states that you can use all tools available to you to pen test the systems.
What course of action would you use to generate a report with the lowest false positive rate?
A. Use a port scanner to find open service ports and generate a report listing allvulnerabilities associated with those listening services.
B. Use a vulnerability or port scanner to find listening services and then try to exploitthose services.
C. Use a vulnerability scanner to generate a report of vulnerable services.
D. Log into the system and record the patch levels of each service then generate areport that lists known vulnerabilities for all the running services.
|
Download Printable PDF. VALID exam to help you PASS. |
 |