- What should be included in a penetration testing report?
- Executive summary
- Statement of methodology
- Findings
- All of above
- How does NIST 800-30 categorize risk rating?
- Impact of Threat vs Threat Likelihood
- Severity vs Impact
- Impact vs Mitigation efforts
- Severity vs Asset Value
- What is the common report format that can be imported into the reporting service?
- HTML
- XML
- CSV
- DOC
- Which one of these is not used for web security testing?
- nmap
- uniscan
- dirb
- IDA
- Which one is not used for network scanning?
- nmap
- xsser
- dnsenum
- dnsmap