- All Exams Instant Download
Which of the following would be the most appropriate NEXT step?
A penetration tester received a 16-bit network block that was scoped for an assessment. During the assessment, the tester realized no hosts were active in the provided block of IPs and reported this to the company. The company then provided an updated block of IPs to the tester. Which of...
Based on the information in the SOW, which of the following behaviors would be considered unethical?
A penetration tester is reviewing the following SOW prior to engaging with a client: “Network diagrams, logical and physical asset inventory, and employees’ names are to be treated as client confidential. Upon completion of the engagement, the penetration tester will submit findings to the client’s Chief Information Security Officer (CISO)...
Which of the following is the BEST passive method of obtaining the technical contacts for the website?
A penetration tester is conducting an engagement against an internet-facing web application and planning a phishing campaign. Which of the following is the BEST passive method of obtaining the technical contacts for the website?A . WHOIS domain lookupB . Job listing and recruitment adsC . SSL certificate informationD . Public...
Which of the following operating systems is MOST likely installed on the host?
During the reconnaissance phase, a penetration tester obtains the following output: Reply from 192.168.1.23: bytes=32 time<54ms TTL=128 Reply from 192.168.1.23: bytes=32 time<53ms TTL=128 Reply from 192.168.1.23: bytes=32 time<60ms TTL=128 Reply from 192.168.1.23: bytes=32 time<51ms TTL=128 Which of the following operating systems is MOST likely installed on the host?A . LinuxB...
Which of the following provides an exploitation suite with payload modules that cover the broadest range of target system types?
Which of the following provides an exploitation suite with payload modules that cover the broadest range of target system types?A . NessusB . MetasploitC . Burp SuiteD . EthercapView AnswerAnswer: B
Which of the following is the MINIMUM frequency to complete the scan of the system?
A penetration tester needs to perform a test on a finance system that is PCI DSS v3.2.1 compliant. Which of the following is the MINIMUM frequency to complete the scan of the system?A . WeeklyB . MonthlyC . QuarterlyD . AnnuallyView AnswerAnswer: C Explanation: https://www.pcicomplianceguide.org/faq/#25 PCI DSS requires quarterly vulnerability/penetration...
CORRECT TEXT
CORRECT TEXT SIMULATION Using the output, identify potential attack vectors that should be further investigated. View AnswerAnswer: 1: Null session enumeration Weak SMB file permissions Fragmentation attack 2: nmap -sV -p 1-1023
Which of the following commands should the penetration tester consider?
A penetration tester is trying to restrict searches on Google to a specific domain. Which of the following commands should the penetration tester consider?A . inurl:B . link:C . site:D . intitle:View AnswerAnswer: C
Which of the following vulnerabilities has the tester exploited?
A penetration tester is testing a web application that is hosted by a public cloud provider. The tester is able to query the provider’s metadata and get the credentials used by the instance to authenticate itself. Which of the following vulnerabilities has the tester exploited?A . Cross-site request forgeryB ....
Which of the following methods should the tester use to visualize the authorization information being transmitted?
A penetration tester captured the following traffic during a web-application test: Which of the following methods should the tester use to visualize the authorization information being transmitted?A . Decode the authorization header using UTF-8.B . Decrypt the authorization header using bcrypt.C . Decode the authorization header using Base64.D . Decrypt...
