A business manager is arguing with a compliance officer that a pentest would never be necessary for this company since they use single sign-on authentication throughout. You are asked for your opinion, and say "If I can access a network physically, I can own it". This sounds a little extreme, but what is not true about this assertion?
A) Booting up to an alternative operating system might allow you to circumvent the local authentication, compromise a credential store, or steal critical data
B) Not being able to log in would prevent your host from obtaining network configurations such as an IP address, routing and DNS settings. But sniffing is still possible.
C) There are ways of detecting the presence of new systems on the network such as rogue infrastructure. These techniques should still be tested regularly
D) Physical security is always critical and along with user training should be a constantly run program
Correct Answer:
Verified