Practice security tooling vocabulary: Burp Suite proxy interception, Metasploit exploitation, Wireshark packet analysis, and responsible use in authorized testing environments.
0 / 5 completed
1 / 5
'The Burp Suite _____ intercepts the request.' What component sits between the browser and the server?
Burp Suite's proxy intercepts HTTP/S traffic between the browser and server, allowing a security tester to inspect, modify, and replay requests — the foundational Burp workflow.
2 / 5
In Metasploit, a 'module' that delivers a payload to exploit a vulnerability is called:
In Metasploit, 'exploits' are modules that target specific vulnerabilities. After running the exploit, a 'payload' (e.g., Meterpreter shell) is delivered to the compromised system.
3 / 5
'The packet capture shows _____.' Which tool captures and analyzes network packets?
Wireshark captures and analyzes network packets in real time. Security testers use it to inspect protocol details, find cleartext credentials, and analyze malicious traffic patterns.
4 / 5
'The tool is used in authorized testing only.' Why is this disclaimer important for security tools?
Using offensive security tools (Metasploit, Burp, Wireshark) without explicit written authorization is illegal under laws like the CFAA (US) and Computer Misuse Act (UK).
5 / 5
'The security lab environment is _____.' How must a testing environment be configured to prevent accidental impact on production?
An isolated security lab environment (air-gapped or network-separated from production) ensures that exploitation techniques, malware analysis, and attack tools cannot accidentally affect live systems.