Which of the following commands should the tester run on the compromised system?

A penetration tester has compromised a system and wishes to connect to a port on it from the attacking machine to control the system. Which of the following commands should the tester run on the compromised system?

A. nc localhost 4423
B. nc -nvlp 4423 -e /bin/bash
C. nc 10.0.0.1...

May 31, 2021

Which of the following are some vulnerabilities that might allow the penetration tester to easily and quickly access a WPA2-protected access point?

A penetration tester is performing a wireless penetration test. Which of the following are some vulnerabilities that might allow the penetration tester to easily and quickly access a WPA2-protected access point?

A. Deauthentication attacks against an access point can allow an opportunity to capture the four-way handshake, which can be...

May 31, 2021

Which of the following is the MOST effective way to notify management of this finding and its importance?

A penetration test was performed by an on-staff junior technician. During the test, the technician discovered the application could disclose an SQL table with user account and password information. Which of the following is the MOST effective way to notify management of this finding and its importance?

A. Document...

May 30, 2021

Which of the following attacks is MOST likely to succeed in creating a physical effect?

A penetration tester has obtained access to an IP network subnet that contains ICS equipment intercommunication. Which of the following attacks is MOST likely to succeed in creating a physical effect?

A. DNS cache poisoning
B. Record and replay
C. Supervisory server SMB
D. Blind SQL injection

Answer: C

May 30, 2021

Which of the following attack vectors would the attacker MOST likely use?

An attacker is attempting to gain unauthorized access to a Wi-Fi network that uses WPA2-PSK. Which of the following attack vectors would the attacker MOST likely use?

A. Capture a three-way handshake and crack it
B. Capture a mobile device and crack its encryption
C. Create a rogue wireless access...

May 30, 2021

Which of the following Nmap switches will complete this task?

A consultant wants to scan all the TCP ports on an identified device. Which of the following Nmap switches will complete this task?

A. -p-
B. -p ALX,
C. -p 1-65534
D. -port 1-65534

Answer: C

May 30, 2021

CORRECT TEXT

You are a penetration tester running port scans on a server.

INSTRUCTIONS

Part 1: Given the output, construct the command that was used to generate this output from the available options.

Part 2: Once the command is appropriately constructed, use the given output to identify the potential attack vectors that...

May 30, 2021

Which of the following is the MOST efficient to utilize?

A penetration tester wants to script out a way to discover all the RPTR records for a range of IP addresses. Which of the following is the MOST efficient to utilize?

A. nmap -p 53 -oG dnslist.txt | cut -d ":" -f 4
B. nslookup -ns 8.8.8.8 << dnslist.txt
C. ...

May 30, 2021

While trying to maintain persistence on a Windows system with limited privileges, which of the following registry keys should the tester use?

While trying to maintain persistence on a Windows system with limited privileges, which of the following registry keys should the tester use?

A. HKEY_CLASSES_ROOT
B. HKEY_LOCAL_MACHINE
C. HKEY_CURRENT_USER
D. HKEY_CURRENT_CONFIG

Answer: C

Explanation: Reference: https://www.redcanary.com/blog/windows-registry-attacks-threat-detection/

May 29, 2021

Which of the following is MOST likely preventing proxying of all traffic?

An attacker performed a MITM attack against a mobile application. The attacker is attempting to manipulate the application’s network traffic via a proxy tool. The attacker only sees limited traffic as cleartext. The application log files indicate secure SSL/TLS connections are failing. Which of the following is MOST likely preventing...

May 29, 2021