Pentesting Reporting Phase

Questions and Answers

What is the first step in the information-gathering phase described in the text?

• Analyzing freely available sources of information (correct)
• Obtaining written permission for testing
• Using port scanners
• Including a non-disclosure agreement clause

Which tool is mentioned as being used during the information-gathering phase?

• Firewall bypass tool
• Malware analysis tool
• Port scanner (correct)
• Packet sniffer

What should be included in a contract to limit liability during a penetration test?

• Analysis of potential vulnerabilities
• Authorization to perform the test
• Payment terms and amounts
• Non-disclosure agreement clause (correct)

In the context of a penetration test, what is Open Source Intelligence (OSINT) used for?

Identifying potential ways to connect to client's systems (B)

Which phase follows the information-gathering phase in a penetration test according to the text?

Threat- modelling phase (B)

Which of the following is NOT a typical component of an executive summary in a pentesting report?

Detailed exploit code used during the pentest (A)

During the reporting phase of a pentest, what is the primary purpose of the technical report?

To provide detailed technical information for the IT staff to remediate vulnerabilities (B)

Which of the following is a common technique used by pentesters to escalate privileges during an engagement?

Exploiting a buffer overflow vulnerability (A)

Which of the following is NOT a recommended practice when writing an executive summary for a pentesting report?

Using technical jargon and acronyms without explanation (A)

During the information gathering phase of a pentest, which of the following techniques is commonly used?

Performing open-source intelligence (OSINT) gathering (A)

What is the primary purpose of the reporting phase in a pentesting engagement?

To convey the findings to the client in a meaningful way (C)

What is the main challenge when gathering information during a pentest, according to the text?

Sorting through a large amount of irrelevant data (B)

In a pentest, what is the purpose of vulnerability scanning tools and techniques during the information-gathering phase?

Revealing vulnerabilities without actively attacking (B)

What does Open Source Intelligence (OSINT) focus on in the context of a pentest?

Collecting information from legal sources (C)

What is the primary objective of including a risk profile in the reporting phase of a pentest?

Quantifying the risk exposure of identified vulnerabilities (C)

When crafting an executive summary for a pentesting report, what should be emphasized?

Potential impact of the identified vulnerabilities (D)

In a pentest, what is a typical component of a technical report following the exploitation phase?

Recommendation summary for countermeasures (D)

Why is it crucial to focus on privilege escalation during an engagement?

To gain higher levels of access within systems (D)

During a pentest, what distinguishes Open Source Intelligence (OSINT) from covert intelligence sources?

'OSINT relies on data available from public/legal sources' (A)