Correct Answer: C. false positives are reported issues that are not actually exploitable or valid
Explanation:
The correct answer is false positives are reported issues that are not actually exploitable or valid. This matches the course topic 'Tool false positives' in Vulnerability Assessment & Reverse Engineering.
Correct Answer: C. risk prioritization considers severity, likelihood, business impact, and exposure
Explanation:
The correct answer is risk prioritization considers severity, likelihood, business impact, and exposure. This matches the course topic 'Risk prioritization' in Vulnerability Assessment & Reverse Engineering.
Correct Answer: C. scope definition specifies what systems, tests, time windows, and limits are authorized
Explanation:
The correct answer is scope definition specifies what systems, tests, time windows, and limits are authorized. This matches the course topic 'Scope definition' in Vulnerability Assessment & Reverse Engineering.
Correct Answer: C. authentication review checks identity verification mechanisms, password handling, and session access
Explanation:
The correct answer is authentication review checks identity verification mechanisms, password handling, and session access. This matches the course topic 'Authentication review' in Vulnerability Assessment & Reverse Engineering.
Correct Answer: A. false negatives are real issues missed by a scanner or assessment method
Explanation:
The correct answer is false negatives are real issues missed by a scanner or assessment method. This matches the course topic 'Tool false negatives' in Vulnerability Assessment & Reverse Engineering.
Correct Answer: A. ROI compares the benefit of reducing risk with the cost of security investment
Explanation:
The correct answer is ROI compares the benefit of reducing risk with the cost of security investment. This matches the course topic 'ROI in security' in Vulnerability Assessment & Reverse Engineering.
Correct Answer: A. code navigation helps analysts understand structure, data flow, functions, and security-relevant paths
Explanation:
The correct answer is code navigation helps analysts understand structure, data flow, functions, and security-relevant paths. This matches the course topic 'Code navigation' in Vulnerability Assessment & Reverse Engineering.
Correct Answer: B. false negatives are real issues missed by a scanner or assessment method
Explanation:
The correct answer is false negatives are real issues missed by a scanner or assessment method. This matches the course topic 'Tool false negatives' in Vulnerability Assessment & Reverse Engineering.
Correct Answer: B. ROI compares the benefit of reducing risk with the cost of security investment
Explanation:
The correct answer is ROI compares the benefit of reducing risk with the cost of security investment. This matches the course topic 'ROI in security' in Vulnerability Assessment & Reverse Engineering.
Correct Answer: B. code navigation helps analysts understand structure, data flow, functions, and security-relevant paths
Explanation:
The correct answer is code navigation helps analysts understand structure, data flow, functions, and security-relevant paths. This matches the course topic 'Code navigation' in Vulnerability Assessment & Reverse Engineering.
Correct Answer: C. false negatives are real issues missed by a scanner or assessment method
Explanation:
The correct answer is false negatives are real issues missed by a scanner or assessment method. This matches the course topic 'Tool false negatives' in Vulnerability Assessment & Reverse Engineering.
Correct Answer: C. ROI compares the benefit of reducing risk with the cost of security investment
Explanation:
The correct answer is ROI compares the benefit of reducing risk with the cost of security investment. This matches the course topic 'ROI in security' in Vulnerability Assessment & Reverse Engineering.