Correct Answer: A. scope definition specifies what systems, tests, time windows, and limits are authorized
Explanation:
The correct answer is scope definition specifies what systems, tests, time windows, and limits are authorized. This matches the course topic 'Scope definition' in Vulnerability Assessment & Reverse Engineering.
Correct Answer: A. authentication review checks identity verification mechanisms, password handling, and session access
Explanation:
The correct answer is authentication review checks identity verification mechanisms, password handling, and session access. This matches the course topic 'Authentication review' in Vulnerability Assessment & Reverse Engineering.
Correct Answer: B. false positives are reported issues that are not actually exploitable or valid
Explanation:
The correct answer is false positives are reported issues that are not actually exploitable or valid. This matches the course topic 'Tool false positives' in Vulnerability Assessment & Reverse Engineering.
Correct Answer: B. risk prioritization considers severity, likelihood, business impact, and exposure
Explanation:
The correct answer is risk prioritization considers severity, likelihood, business impact, and exposure. This matches the course topic 'Risk prioritization' in Vulnerability Assessment & Reverse Engineering.
Correct Answer: B. scope definition specifies what systems, tests, time windows, and limits are authorized
Explanation:
The correct answer is scope definition specifies what systems, tests, time windows, and limits are authorized. This matches the course topic 'Scope definition' in Vulnerability Assessment & Reverse Engineering.
Correct Answer: B. authentication review checks identity verification mechanisms, password handling, and session access
Explanation:
The correct answer is authentication review checks identity verification mechanisms, password handling, and session access. This matches the course topic 'Authentication review' in Vulnerability Assessment & Reverse Engineering.
Correct Answer: C. classification groups weaknesses by type, impact, affected asset, or severity
Explanation:
The correct answer is classification groups weaknesses by type, impact, affected asset, or severity. This matches the course topic 'Vulnerability classification' in Vulnerability Assessment & Reverse Engineering.
Correct Answer: C. a vulnerability assessment identifies, verifies, prioritizes, and reports weaknesses
Explanation:
The correct answer is a vulnerability assessment identifies, verifies, prioritizes, and reports weaknesses. This matches the course topic 'Vulnerability assessment' in Vulnerability Assessment & Reverse Engineering.
Correct Answer: A. security assessments help identify weaknesses before attackers exploit them
Explanation:
The correct answer is security assessments help identify weaknesses before attackers exploit them. This matches the course topic 'Need for security assessments' in Vulnerability Assessment & Reverse Engineering.
Correct Answer: A. software vulnerabilities are weaknesses in application logic, code, configuration, or dependencies
Explanation:
The correct answer is software vulnerabilities are weaknesses in application logic, code, configuration, or dependencies. This matches the course topic 'Software vulnerabilities' in Vulnerability Assessment & Reverse Engineering.
Correct Answer: A. penetration testing attempts controlled exploitation to prove real-world impact
Explanation:
The correct answer is penetration testing attempts controlled exploitation to prove real-world impact. This matches the course topic 'Penetration testing' in Vulnerability Assessment & Reverse Engineering.
Correct Answer: B. security assessments help identify weaknesses before attackers exploit them
Explanation:
The correct answer is security assessments help identify weaknesses before attackers exploit them. This matches the course topic 'Need for security assessments' in Vulnerability Assessment & Reverse Engineering.