1. A security manager is explaining why physical penetration testing is critical even when an organization has strong network firewalls and encrypted systems. Which statement best explains the relationship between physical access and cybersecurity?
2. A penetration testing firm is hired to evaluate a company's security. The firm is given no information about the target environment — no network diagrams, no system inventories, no IP address ranges. The testers must discover everything themselves before any attack can begin. What type of test is this?
3. A pen tester is gathering information about a target organization. She examines the company's LinkedIn page for employee profiles, reviews conference talks given by the organization's engineers, reads through Reddit threads where employees discussed a recent system migration, and searches public job postings for clues about the technology stack. At no point does she send any network traffic to the target. What type of reconnaissance is this?
4. During a penetration test, the testers send crafted TCP packets to 1,000 IP addresses in the target's network range to determine which hosts are live and what ports are open. They then send additional probes to identify the operating system and service versions running on responsive hosts. The results appear in the target's firewall logs. Which type of reconnaissance is being performed?
5. An organization implements a model where one team continuously attacks its own systems looking for vulnerabilities, and a second team simultaneously monitors for those attacks and patches exploited gaps. After each patch, the attacking team retests the same area. This creates a feedback loop where the organization continuously improves its defenses. Which pentesting approach does this describe?
6. A company hires a pen testing firm and provides them with complete network documentation including network diagrams, IP address inventories, a list of all servers and their operating systems, and application architecture diagrams before the test begins. The testers use this information to immediately focus on likely vulnerabilities without spending time discovering the environment. What type of environment is this?
Matching: Pentesting Concepts
Match each concept (1–4) to its correct description (A–D).
1Red Team
2Blue Team
3Passive Reconnaissance
4Active Reconnaissance
AGathering information from public open sources (social media, websites, forums) without sending any traffic to the target; very difficult for the target to detect
BOffensive penetration testing group that simulates attackers by actively searching for and exploiting vulnerabilities
CDirectly interacting with target systems through ping scans, port scans, OS fingerprinting, and service identification; generates traffic visible in logs
DDefensive security group that identifies attacks in real time, responds to incidents, and works to prevent unauthorized access