- All Exams Instant Download
Which of the following types of attacks is being executed?
A security consultant is trying to attack a device with a previously identified user account. Which of the following types of attacks is being executed?A . Credential dump attackB . DLL injection attackC . Reverse shell attackD . Pass the hash attackView AnswerAnswer: D
Which of the following types of motivation was used m this attack?
An email sent from the Chief Executive Officer (CEO) to the Chief Financial Officer (CFO) states a wire transfer is needed to pay a new vendor. Neither is aware of the vendor, and the CEO denies ever sending the email. Which of the following types of motivation was used m...
Which of the following would be BEST for performing passive reconnaissance on a target's external domain?
Which of the following would be BEST for performing passive reconnaissance on a target's external domain?A . PeachB . CeWLC . OpenVASD . ShodanView AnswerAnswer: D
Which of the following commands can the assessor use to find any likely Windows domain controllers?
An assessor begins an internal security test of the Windows domain internal.comptia.net. The assessor is given network access via DHCP, but is not given any network maps or target IP addresses. Which of the following commands can the assessor use to find any likely Windows domain controllers?A . dig -q...
Which of the following types of attacks is this an example of?
An attacker uses SET to make a copy of a company's cloud-hosted web mail portal and sends an email m to obtain the CEO s login credentials. Which of the following types of attacks is this an example of?A . Elicitation attackB . Impersonation attackC . Spear phishing attackD ....
A client requests that a penetration tester emulate a help desk technician who was recently laid off. Which of the following BEST describes the abilities of the threat actor?
A client requests that a penetration tester emulate a help desk technician who was recently laid off. Which of the following BEST describes the abilities of the threat actor?A . Advanced persistent threatB . Script kiddieC . HacktivistD . Organized crimeView AnswerAnswer: B Explanation: Reference https://www.sciencedirect.com/topics/computer-science/disgruntled-employee
A penetration tester runs the following from a compromised box 'python -c -import pty;Pty.sPawn( "/bin/bash").' Which of the following actions is the tester taking?
A penetration tester runs the following from a compromised box 'python -c -import pty;Pty.sPawn( "/bin/bash").' Which of the following actions is the tester taking?A . Removing the Bash historyB . Upgrading the shellC . Creating a sandboxD . Capturing credentialsView AnswerAnswer: B
Which of the following actions would BEST create a potentially destructive outcome against device?
A security consultant found a SCADA device in one of the VLANs in scope. Which of the following actions would BEST create a potentially destructive outcome against device?A . Launch an SNMP password brute force attack against the device.B . Lunch a Nessus vulnerability scan against the device.C . Launch...
A recently concluded penetration test revealed that a legacy web application is vulnerable lo SQL injection Research indicates that completely remediating the vulnerability would require an architectural change, and the stakeholders are not m a position to risk the availability of the application Under such circumstances, which of the following controls are low-effort, short-term solutions to minimize the SQL injection risk? (Select TWO).
A recently concluded penetration test revealed that a legacy web application is vulnerable lo SQL injection Research indicates that completely remediating the vulnerability would require an architectural change, and the stakeholders are not m a position to risk the availability of the application Under such circumstances, which of the following...
Please Answer Questions Follow The Prompts Below
DRAG DROP A manager calls upon a tester to assist with diagnosing an issue within the following Python script: #!/usr/bin/python s = “Administrator” The tester suspects it is an issue with string slicing and manipulation Analyze the following code segment and drag and drop the correct output for each string...
