Which of the following types of physical security attacks does a mantrap mitigate-?
Which of the following types of physical security attacks does a mantrap mitigate-?A . Lock pickingB . ImpersonationC . Shoulder surfingD . TailgatingView AnswerAnswer: D
Which of the following are the BEST tools to use few this purpose?
A penetration tester successfully exploits a DM2 server that appears to be listening on an outbound port. The penetration tester wishes to forward that traffic back to a device. Which of the following are the BEST tools to use few this purpose? (Select TWO)A . TcpdumpB . NmapC . WiresrtarkD...
Given the following attack signatures, determine the attack type, and then identify the associated remediation to prevent the attack in the future
HOTSPOT Instructions: Given the following attack signatures, determine the attack type, and then identify the associated remediation to prevent the attack in the future. If at any time you would like to bring back the initial state of the simulation, please click the Reset All button. You are a security...
Which of the following methods is the correct way to validate the vulnerability?
A penetration tester wants to check manually if a “ghost” vulnerability exists in a system. Which of the following methods is the correct way to validate the vulnerability?A . Download the GHOST file to a Linux system and compilegcc -o GHOSTtest i:./GHOSTB . Download the GHOST file to a Windows...
Which of the following mitigation strategies would be BEST to recommend in the report?
A penetration tester is able to move laterally throughout a domain with minimal roadblocks after compromising a single workstation. Which of the following mitigation strategies would be BEST to recommend in the report? (Select THREE)A . Randomize local administrator credentials for each machineB . Disable remote logons for local administratorsC...
Which of the following tools is used to perform a credential brute force attack?
Which of the following tools is used to perform a credential brute force attack?A . HydraB . John the RipperC . HashcatD . PeachView AnswerAnswer: A
Which of the following should the penetration tester spoof to get the MOST information?
A penetration tester is performing ARP spoofing against a switch. Which of the following should the penetration tester spoof to get the MOST information?A . MAC address of the clientB . MAC address of the domain controllerC . MAC address of the web serverD . MAC address of the gateway...
Which of the following levels of difficulty would be required to exploit this vulnerability?
A security analyst was provided with a detailed penetration report, which was performed against the organization’s DMZ environment. It was noted on the report that a finding has a CVSS base score of 100. Which of the following levels of difficulty would be required to exploit this vulnerability?A . Very...
Which of the actions should the penetration tester use to maintain persistence to the device?
A penetration tester has gained access to a marketing employee’s device. The penetration tester wants to ensure that if the access is discovered, control of the device can be regained. Which of the actions should the penetration tester use to maintain persistence to the device? (Select TWO)A . Place an...
Which of the following would contain this information?
A security consultant receives a document outlining the scope of an upcoming penetration test. This document contains IP addresses and times that each can be scanned. Which of the following would contain this information?A . Rules of engagementB . Request for proposalC . Master service agreementD . Business impact analysis...