- All Exams Instant Download
Which of the following tools should a penetration tester use to crawl a website and build a wordlist using the data recovered to crack the password on the website?
Which of the following tools should a penetration tester use to crawl a website and build a wordlist using the data recovered to crack the password on the website?A . DirBuster B. CeWL C. w3af D. PatatorView AnswerAnswer: B Explanation: CeWL, the Custom Word List Generator, is a Ruby application...
Which of the following is the reason for the error?
A penetration tester created the following script to use in an engagement: However, the tester is receiving the following error when trying to run the script: Which of the following is the reason for the error?A . The sys variable was not defined. B. The argv variable was not defined....
Performing a penetration test against an environment with SCADA devices brings additional safety risk because the:
Performing a penetration test against an environment with SCADA devices brings additional safety risk because the:A . devices produce more heat and consume more power. B. devices are obsolete and are no longer available for replacement. C. protocols are more difficult to understand. D. devices may cause physical world effects.View...
In Python socket programming, SOCK_DGRAM type is:
In Python socket programming, SOCK_DGRAM type is:A . reliable. B. matrixed. C. connectionless. D. slower.View AnswerAnswer: C Explanation: Connectionless due to the Datagram portion mentioned so that would mean its using UDP.
Which of the following types of attacks would MOST likely be used to avoid account lockout?
During an assessment, a penetration tester obtains a list of 30 email addresses by crawling the target company's website and then creates a list of possible usernames based on the email address format. Which of the following types of attacks would MOST likely be used to avoid account lockout?A ....
Which of the following commands should the penetration tester consider?
A penetration tester is trying to restrict searches on Google to a specific domain. Which of the following commands should the penetration tester consider?A . inurl: B. link: C. site: D. intitle:View AnswerAnswer: C
During a penetration test, you gain access to a system with a limited user interface
DRAG DROP During a penetration test, you gain access to a system with a limited user interface. This machine appears to have access to an isolated network that you would like to port scan. INSTRUCTIONS Analyze the code segments to determine which sections are needed to complete a port scanning...
Which of the following would the tester MOST likely describe as a benefit of the framework?
A penetration tester is explaining the MITRE ATT&CK framework to a company’s chief legal counsel. Which of the following would the tester MOST likely describe as a benefit of the framework?A . Understanding the tactics of a security intrusion can help disrupt them. B. Scripts that are part of the...
Which of the following actions is the tester MOST likely performing?
A penetration tester gains access to a system and establishes persistence, and then runs the following commands: cat /dev/null > temp touch Cr .bash_history temp mv temp .bash_history Which of the following actions is the tester MOST likely performing?A . Redirecting Bash history to /dev/null B. Making a copy of...
Which of the following BEST describes this attack?
A penetration tester discovered that a client uses cloud mail as the company's email system. During the penetration test, the tester set up a fake cloud mail login page and sent all company employees an email that stated their inboxes were full and directed them to the fake login page...
