Exam (elaborations)
WGU D484 Penetration Testing with Questions and Answers| Latest Update 2025| Verified Answers
- Course
- Institution
WGU D484 Penetration Testing with Questions and Answers| Latest Update 2025| Verified Answers
[Show more]
Content preview
WGU D484 Penetration Testing with Questionsand Answers| Latest Update 2025| Verified
Answers
A penetration tester is conducting a PCI DSS compliance report for a large company that does
ten million transactions a year. What level should they comply with?
Level 1 is a large merchant with over six million transactions a year and must have an external
auditor perform the assessment by an approved Qualified Security Assessor (QSA).
Potential in-scope assets:
IP Addresses, Domain and/or subdomains, API interfaces, Users, and Service Set Identifiers
(SSID)
Physical Location: On-site
An asset that is physically located where an attack is being carried out. On-site testing can
include attempting to compromise a business's physical barriers to gain access to systems,
server rooms, infrastructure, and employees.
Physical Location: Off-site
An asset that provides a service for a company but is not necessarily located at the same place,
such as remote offices and/or satellite locations. These locations can be a softer target as they
are less likely to have as many security controls as headquarters.
External Assets
are visible on the Internet, such as a website, web application, email, or DNS server. An external
asset is not a good candidate for attacks that require direct access to the network segment,
such as sniffing or ARP poisoning.
Internal Assets
can be accessed from within the organization. Access to these resources can be achieved by the
efforts of either a malicious insider or an external hacker who has gained credentials through a
phishing attack. If direct access to the internal network can be established, this asset is an
excellent candidate for all attack types.
First-party hosted asset
This includes assets that are hosted by the client organization. In some cases, first-party hosted
assets might be easier to attack than third-party hosted services, as most companies do not
have the same resources, expertise, or security focus as a service provider.
,Third-party hosted
This includes assets that are hosted by a vendor or partner of the client organization, such as
cloud-based hosting. This type of asset is not an impossible target, however, established
providers are generally more likely to have more stringent controls in place. In contrast,
smaller, newer hosting companies may have fewer resources and less security expertise and
may be easier to attack than larger, more mature providers.
PenTesting Assessments:
Compliance based, Red/Blue Team based, Goals-based
PenTesting Strategy
Unknown environment, Partially known environment, Known environment
Gramm-Leach-Bliley Act (GLBA)
A law enacted in 1999 that deregulated banks, but also instituted requirements that help
protect the privacy of an individual's financial information that is held by financial institutions.
Driver's Privacy Protection Act
governs the privacy and disclosure of personal information gathered by state Departments of
Motor Vehicles.
Master Service Agreement
A contract that establishes precedence and guidelines for any business documents that are
executed between two parties.
Statement of Work (SOW)
A document that defines the expectations for a specific business arrangement.
service-level agreement (SLA)
Agreement that sets the service requirements and expectations between a consumer and a
provider.
Open-source intelligence (OSINT)
Publicly available information plus the tools used to aggregate and search it.
Personally Identifiable Information (PII)
Data that can be used to identify or contact an individual (or in the case of identity theft, to
impersonate them).
Mail Exchange (MX)
, record provides the mail server that accepts email messages for a particular domain.
Nameserver (NS)
record lists the authoritative DNS server for a particular domain.
Text (TXT)
record provides information about a resource such as a server or network in human readable
form.
Service (SRV)
record provides host and port information on services such as voice over IP (VoIP) and instant
messaging (IM).
Querying Data Using whois
A whois query can provide a lot about the target organization and how its domain is configured.
The team can then use this information to take more targeted actions against the domain's
contacts, as well as the underlying architecture of the domain.
To obtain older website information, you can use a couple of different methods:
cache:<website>, Wayback Machine, web cache viewer extension
Forced browsing
Used to identify unlinked URLs or IPs from a website to gain access to unprotected resources.
Robots.txt Evaluation
The process of assessing the robots.txt file on a website to determine its directives for web
crawlers. This file, crucial for controlling the behavior of search engine bots, instructs them on
which parts of the website to crawl and which to avoid, thus influencing the visibility and
accessibility of web content.
Subject Alternative Name (SAN)
Field in a digital certificate allowing a host to be identifed by multiple host names/subdomains.
Popular OSINT Tools:
Metagoofil. Shodan, Maltego, and Recon-ng.
Metagoofil
a Linux-based tool that can search for metadata from public documents located on the target
website(s). It uses Python scripting to locate metadata within different document types such as
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Examsplug. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $13.24. You're not tied to anything after your purchase.
Can Stuvia be trusted?
4.6 stars on Google & Trustpilot (+1000 reviews)
80189 documents were sold in the last 30 days
Founded in 2010, the go-to place to buy study notes for 14 years now