{"id":113622,"date":"2023-08-16T02:42:47","date_gmt":"2023-08-16T02:42:47","guid":{"rendered":"https:\/\/learnexams.com\/blog\/?p=113622"},"modified":"2023-08-16T02:42:49","modified_gmt":"2023-08-16T02:42:49","slug":"crest-cpsa-exam-300-questions-and-correct-answers-latest-2023-2024verified-answers-2","status":"publish","type":"post","link":"https:\/\/www.learnexams.com\/blog\/2023\/08\/16\/crest-cpsa-exam-300-questions-and-correct-answers-latest-2023-2024verified-answers-2\/","title":{"rendered":"CREST CPSA EXAM 300 QUESTIONS AND CORRECT ANSWERS LATEST 2023-2024(VERIFIED ANSWERS)"},"content":{"rendered":"\n<p>CREST CPSA EXAM 300 QUESTIONS AND<br>CORRECT ANSWERS LATEST 2023-<br>2024(VERIFIED ANSWERS)<br>What port does squid proxy use? &#8211; ANSWER- 3128<br>What are the benefits of a penetration test? &#8211; ANSWER- &#8211; Enhancement of the<br>management system<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Avoid fines<\/li>\n\n\n\n<li>Protection from financial damage<\/li>\n\n\n\n<li>Customer protection<br>What is the structure of a penetration test? &#8211; ANSWER- Planning and Preparation<br>Reconnaissance<br>Discovery<br>Analyzing information and risks<br>Active intrusion attempts<br>Final analysis<br>Report Preparation<br>What is another structure of a penetration test? &#8211; ANSWER- Reconnaissance<br>Vulnerability Scanning<br>Investigation<br>Exploitation<br>What does infrastructure testing include? &#8211; ANSWER- Includes all internal<br>computer systems, associated external devices, internet networking, cloud and<br>virtualization testing.<br>What are the types of infrastructure testing? &#8211; ANSWER- &#8211; External Infrastructure<br>Penetration Testing<\/li>\n\n\n\n<li>Internal Infrastructure Penetration Testing<\/li>\n\n\n\n<li>Cloud and Virtualization Penetration Testing<\/li>\n\n\n\n<li>Wireless Security Penetration Testing<\/li>\n<\/ul>\n\n\n\n<p>What does External Infrastructure Testing include? 
&#8211; ANSWER- Mapping flaws in<br>the external infrastructure<br>What are the benefits of External Infrastructure Testing? &#8211; ANSWER- &#8211; Identifies<br>flaws within the firewall configuration that could be misused.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Finds how information could be leaked out from the system<\/li>\n\n\n\n<li>Suggests how these issues could be fixed<\/li>\n\n\n\n<li>Prepares a comprehensive report highlighting the security risk of the networks<br>and suggests solutions<\/li>\n\n\n\n<li>Ensures overall efficiency and productivity of your business<br>What are the benefits of Internal Infrastructure testing? &#8211; ANSWER- &#8211; Identifies<br>how an internal attacker could take advantage of even a minor security flaw<\/li>\n\n\n\n<li>Identifies the potential business risk and damage that an internal attacker can<br>inflict<\/li>\n\n\n\n<li>Improves security systems of internal infrastructure<\/li>\n\n\n\n<li>Prepares a comprehensive report giving details of the security exposures of<br>internal networks along with the detailed action plan on how to deal with it<br>What are the benefits of cloud and virtualization penetration testing? &#8211; ANSWER-<\/li>\n\n\n\n<li>Discovers the real risks within the virtual environment and suggests the methods<br>and costs to fix the threats and flaws<\/li>\n\n\n\n<li>Provides guidelines and an action plan on how to resolve the issues<\/li>\n\n\n\n<li>Improves the overall protection systems<\/li>\n\n\n\n<li>Prepares a comprehensive security system report of the cloud computing and<br>virtualization, outlining the security flaws, causes and possible solutions<br>What are the benefits of wireless security penetration testing? 
&#8211; ANSWER- &#8211; To<br>find the potential risk caused by your wireless device<\/li>\n\n\n\n<li>To provide guidelines and an action plan on how to protect from the external<br>threats<\/li>\n\n\n\n<li>For preparing a comprehensive security system report of the wireless networking,<br>to outline the security flaw, causes, and possible solutions<br>What is Black Box Testing? &#8211; ANSWER- Black-box testing is a method in which<br>the tester is provided no information about the application being tested.<br>What are the advantages of Black Box Testing? &#8211; ANSWER- &#8211; Test is generally<br>conducted with the perspective of a user, not the designer<\/li>\n\n\n\n<li>Verifies contradictions in the actual system and the specifications<\/li>\n<\/ul>\n\n\n\n<p>What are the disadvantages of black box penetration testing? &#8211; ANSWER- &#8211;<br>Particularly, these kinds of test cases are difficult to design<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Possibly, it is not worth it, in case the designer has already conducted a test case<\/li>\n\n\n\n<li>It does not conduct everything<br>What is white box penetration testing? &#8211; ANSWER- A tester is provided a whole<br>range of information about the systems and\/or network such as schema, source<br>code, OS details, IP address, etc.<br>What are the advantages of white box penetration testing? &#8211; ANSWER- &#8211; It ensures<br>that all independent paths of a module have been exercised<\/li>\n\n\n\n<li>It ensures that all logical decisions have been verified along with their true and<br>false value.<\/li>\n\n\n\n<li>It discovers the typographical errors and does syntax checking<\/li>\n\n\n\n<li>It finds the design errors that may have occurred because of the difference<br>between logical flow of the program and the actual execution.<br>What are the important highlights of the Computer Misuse Act 1990? 
&#8211; ANSWER- Section 1: Unauthorized access to computer material<br>Section 2: Unauthorized access with intent to commit or facilitate commission of<br>further offenses<br>Section 3: Unauthorized acts with intent to impair, or with recklessness as to<br>impairing the operation of a computer<br>Unauthorized modification of computer material<br>What are the important highlights of the Human Rights Act 1998? &#8211; ANSWER- &#8211;<br>The right to life<\/li>\n\n\n\n<li>The right to respect for private and family life<\/li>\n\n\n\n<li>The right to freedom of religion and belief<\/li>\n\n\n\n<li>Your right not to be mistreated or wrongly punished by the state<br>When capturing the scope of a penetration test, what information requires consent<br>to meet the UK laws? &#8211; ANSWER- &#8211; Name &amp; Position of the individual who is<br>providing consent<br>&#8211; Authorized testing period &#8211; both the date range and hours that testing is permitted<\/li>\n\n\n\n<li>Contact information for members of technical staff, who may provide assistance<br>during the test<\/li>\n\n\n\n<li>IP addresses or URL that are in scope of testing<\/li>\n\n\n\n<li>Exclusions to certain hosts, services or areas within application testing<br>Credentials that may be required as part of authenticated application testing<br>What are the important highlights of the Data Protection Act 1998? 
&#8211; ANSWER- &#8211;<br>Personal data must be processed fairly and lawfully<\/li>\n\n\n\n<li>be obtained only for lawful purposes and not processed in any manner<br>incompatible with those purposes<\/li>\n\n\n\n<li>be adequate, relevant and not excessive<\/li>\n\n\n\n<li>be accurate and current<\/li>\n\n\n\n<li>not be retained for longer than necessary<\/li>\n\n\n\n<li>be processed in accordance with the rights and freedoms of data subjects<\/li>\n\n\n\n<li>Be protected against unauthorized or unlawful processing and against accidental<br>loss, destruction or damage<br>What are the important highlights of the Police and Justice Act 2006? &#8211; ANSWER- &#8211;<br>Make amendments to the Computer Misuse Act 1990<\/li>\n\n\n\n<li>increased penalties of Computer Misuse Act (makes unauthorized computer access<br>serious enough to fall under extradition)<\/li>\n\n\n\n<li>Made it illegal to perform DoS attacks<\/li>\n\n\n\n<li>Made it illegal to supply and own hacking tools.<\/li>\n\n\n\n<li>Be careful about how you release information about exploits.<br>What issues may arise between a tester and his client? &#8211; ANSWER- &#8211; The tester is<br>unknown to his client &#8211; so, on what grounds, he should be given access to sensitive<br>data<br>&#8211; Who will take the guarantee of security of lost data?<\/li>\n\n\n\n<li>The client may blame the tester for the loss of data or confidentiality.<br>How can you prevent legal issues when doing a penetration test? &#8211; ANSWER- A<br>statement of intent should be duly signed by both parties<\/li>\n\n\n\n<li>The tester has the permission in writing, with clearly defined parameters<\/li>\n\n\n\n<li>the company has the details of its pen tester and an assurance that he would not<br>leak any confidential data<br>What does scoping a penetration test involve? 
&#8211; ANSWER- &#8211; All relevant risk<br>owners<\/li>\n\n\n\n<li>Technical staff knowledgeable about the target system<\/li>\n\n\n\n<li>A representative of the penetration test team<\/li>\n\n\n\n<li>Risk owners should outline any areas of special concern<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>CREST CPSA EXAM 300 QUESTIONS AND CORRECT ANSWERS LATEST 2023-2024(VERIFIED ANSWERS) What port does squid proxy use? &#8211; ANSWER- 3128 What are the benefits of a penetration test? &#8211; ANSWER- &#8211; Enhancement of the management system What does External Infrastructure Testing include? &#8211; ANSWER- Mapping flaws in the external infrastructure What are the benefits of External Infrastructure Testing? &#8211; ANSWER- [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center 
center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center 
center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[25],"tags":[],"class_list":["post-113622","post","type-post","status-publish","format-standard","hentry","category-exams-certification"],"_links":{"self":[{"href":"https:\/\/www.learnexams.com\/blog\/wp-json\/wp\/v2\/posts\/113622","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.learnexams.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.learnexams.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.learnexams.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.learnexams.com\/blog\/wp-json\/wp\/v2\/comments?post=113622"}],"version-history":[{"count":0,"href":"https:\/\/www.learnexams.com\/blog\/wp-json\/wp\/v2\/posts\/113622\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.learnexams.com\/blog\/wp-json\/wp\/v2\/media?parent=113622"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.learnexams.com\/blog\/wp-json\/wp\/v2\/categories?post=113622"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.learnexams.com\/blog\/wp-json\/wp\/v2\/tags?post=113622"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}