- All Exams Instant Download
Which of the following commands would allow the tester to save the results in an interchangeable format?
A penetration tester needs to upload the results of a port scan to a centralized security tool. Which of the following commands would allow the tester to save the results in an interchangeable format?A . nmap -iL results 192.168.0.10-100 B. nmap 192.168.0.10-100 -O > results C. nmap -A 192.168.0.10-100 -oX...
Which of the following objectives is the tester attempting to achieve?
A penetration tester writes the following script: Which of the following objectives is the tester attempting to achieve?A . Determine active hosts on the network. B. Set the TTL of ping packets for stealth. C. Fill the ARP table of the networked devices. D. Scan the system on the most...
Which of the following BEST describes why this would be necessary?
A customer adds a requirement to the scope of a penetration test that states activities can only occur during normal business hours. Which of the following BEST describes why this would be necessary?A . To meet PCI DSS testing requirements B. For testing of the customer's SLA with the ISP...
Which of the following actions should the tester take?
A red-team tester has been contracted to emulate the threat posed by a malicious insider on a company’s network, with the constrained objective of gaining access to sensitive personnel files. During the assessment, the red-team tester identifies an artifact indicating possible prior compromise within the target environment. Which of the...
Which of the following is the BEST passive method of obtaining the technical contacts for the website?
A penetration tester is conducting an engagement against an internet-facing web application and planning a phishing campaign. Which of the following is the BEST passive method of obtaining the technical contacts for the website?A . WHOIS domain lookup B. Job listing and recruitment ads C. SSL certificate information D. Public...
Which of the following provides an exploitation suite with payload modules that cover the broadest range of target system types?
Which of the following provides an exploitation suite with payload modules that cover the broadest range of target system types?A . Nessus B. Metasploit C. Burp Suite D. EthercapView AnswerAnswer: B
Which of the following actions, if performed, would be ethical within the scope of the assessment?
A security company has been contracted to perform a scoped insider-threat assessment to try to gain access to the human resources server that houses PII and salary data. The penetration testers have been given an internal network starting position. Which of the following actions, if performed, would be ethical within...
Which of the following steps would the penetration tester most likely try NEXT to further exploit the web server?
During an assessment, a penetration tester manages to exploit an LFI vulnerability and browse the web log for a target Apache server. Which of the following steps would the penetration tester most likely try NEXT to further exploit the web server? (Choose two.)A . Cross-site scripting B. Server-side request forgery...
Which of the following could be used for a denial-of-service attack on the network segment?
A penetration tester who is conducting a vulnerability assessment discovers that ICMP is disabled on a network segment. Which of the following could be used for a denial-of-service attack on the network segment?A . Smurf B. Ping flood C. Fraggle D. Ping of deathView AnswerAnswer: C Explanation: Fraggle attack is...
Which of the following attacks is being attempted?
A penetration tester analyzed a web-application log file and discovered an input that was sent to the company's web application. The input contains a string that says "WAITFOR." Which of the following attacks is being attempted? A. SQL injection B. HTML injection C. Remote command injection D. DLL injectionView AnswerAnswer:...
