156-401 시험 - Check Point실제시험문제와 답 - 82문항

Question No : 1

What information can Whois provide?

A.Open ports
B.Domain registration details
C.Active network sessions
D.Current open vulnerabilities

정답:
Explanation:
Whois provides domain ownership, registrar information, and contact details, which are useful for planning further reconnaissance.

Question No : 2

Which of the following is an example of active reconnaissance?

A.Querying a public Whois database
B.Performing a DNS zone transfer
C.Reading publicly available news articles
D.Searching LinkedIn for employee names

정답:
Explanation:
Active reconnaissance involves interacting directly with the target’s systems, such as attempting a DNS zone transfer.

Question No : 3

Which two tools are commonly used for passive footprinting? (Choose two.)

A.Whois
B.Netcat
C.Nslookup
D.Metasploit

정답:
Explanation:
Whois and Nslookup are passive tools used to gather information like domain registration and DNS records without alerting the target.

Question No : 4

What is passive reconnaissance?

A.Directly probing systems for vulnerabilities
B.Gathering information without direct interaction
C.Launching exploits against discovered services
D.Cracking passwords remotely

정답:
Explanation:
Passive reconnaissance involves collecting information about a target without any direct engagement, keeping the process undetectable.

Question No : 5

Which of the following best describes reconnaissance in penetration testing?

A.Exploiting system vulnerabilities
B.Gathering information about the target
C.Installing malware on target devices
D.Covering attack traces

정답:
Explanation:
Reconnaissance is the phase where the tester gathers as much information as possible about the target
without engaging in active attacks.

Question No : 6

Penetration testing should ideally be conducted:

A.Only after a breach
B.On a regular schedule
C.Only during system downtime
D.Without alerting system administrators

정답:
Explanation:
Regular penetration tests ensure continuous security monitoring and help organizations proactively address emerging threats.

Question No : 7

Which tool is best used for capturing and analyzing network traffic?

A.Metasploit
B.OpenVAS
C.Wireshark
D.Nikto

정답:
Explanation:
Wireshark is a network protocol analyzer that captures and dissects network traffic for in-depth analysis.

Question No : 8

Which two are common outputs after a penetration test? (Choose two.)

A.Security awareness training
B.Incident response activation
C.Vulnerability report
D.Remediation recommendations

정답:
Explanation:
After a pen test, organizations receive vulnerability reports and actionable remediation recommendations to strengthen security.

Question No : 9

What is one major reason penetration testing improves an organization’s information security posture?

A.It guarantees perfect protection
B.It identifies potential weaknesses before real attacks
C.It improves public relations
D.It reduces legal obligations

정답:
Explanation:
Penetration testing helps organizations discover and fix vulnerabilities before malicious attackers exploit them.

Question No : 10

Which protocol is targeted during ARP spoofing attacks?

A.TCP
B.DNS
C.ARP
D.HTTP

정답:
Explanation:
ARP spoofing manipulates Address Resolution Protocol tables to redirect traffic through a malicious actor’s device.

Question No : 11

Which two tools are commonly used during the exploitation phase? (Choose two.)

A.Metasploit
B.Nessus
C.John the Ripper
D.Nikto

정답:
Explanation:
Metasploit facilitates exploits, and John the Ripper is used for password cracking during or after successful exploitation.

Question No : 12

What does the "rules of engagement" document define?

A.Attack techniques
B.Legal consequences
C.Scope, time, and methods of testing
D.Payment structure

정답:
Explanation:
Rules of engagement outline the authorized targets, time windows, and permissible testing techniques to avoid misunderstandings.

Question No : 13

Which tool is best suited for vulnerability scanning?

A.Burp Suite
B.Nmap
C.OpenVAS
D.Wireshark

정답:
Explanation:
OpenVAS is a popular open-source tool specifically designed for comprehensive vulnerability scanning across networks and systems.

Question No : 14

What is the final step in a penetration test?

A.Escalating privileges
B.Gaining persistence
C.Writing and delivering the report
D.Erasing traces

정답:
Explanation:
After all activities are completed, a penetration tester must document findings and deliver a professional report.

Question No : 15

A penetration tester should ensure which of the following before starting a test?

A.They own the target
B.Written consent is obtained
C.Antivirus is disabled
D.Logs are pre-deleted

정답:
Explanation:
Always operate under written permission to protect both the client and the tester legally.

Check Point 156-401 시험