- All Exams Instant Download
Which of the following file system vulnerabilities does this command take advantage of?
During post-exploitation, a tester identifies that only system binaries will pass an egress filter and store a file with the following command: c: creditcards.db>c:winitsystem32calc.exe:creditcards.db Which of the following file system vulnerabilities does this command take advantage of?A . Hierarchical file systemB . Alternate data streamsC . Backdoor successD . Extended...
Which of the following commands will allow a tester to enumerate potential unquoted services paths on a host?
Which of the following commands will allow a tester to enumerate potential unquoted services paths on a host?A . wmic environment get name, variablevalue, username / findstr /i “Path” | findstr /i “service”B . wmic service get /format:hform > c:tempservices.htmlC . wmic startup get caption, location, command | findstr /i...
Which of the following techniques is MOST likely being attempted?
A penetration tester runs a script that queries the domain controller for user service principal names . Which of the following techniques is MOST likely being attempted?A . LSASS credential extractionB . CpasswordC . Cleartext credentials in LDAPD . KerberoastingView AnswerAnswer: D Explanation: Reference: https://attack.stealthbits.com/cracking-kerberos-tgs-tickets-using-kerberoasting
Which of the following types of physical security attacks does a mantrap mitigate-?
Which of the following types of physical security attacks does a mantrap mitigate-?A . Lock pickingB . ImpersonationC . Shoulder surfingD . TailgatingView AnswerAnswer: D
Which of the following characteristics would be BEST to use for fingerprinting?
While conducting information gathering, a penetration tester is trying to identify Windows hosts . Which of the following characteristics would be BEST to use for fingerprinting?A . The system responds with a MAC address that begins with 00:0A:3C . The system responds with port 22 open.D . The system responds...
Given the scenario, which of the following attacks would BEST assist the tester in obtaining this handshake?
A penetration tester is attempting to capture a handshake between a client and an access point by monitoring a WPA2-PSK secured wireless network. The tester is monitoring the correct channel for the identified network, but has been unsuccessful in capturing a handshake. Given the scenario, which of the following attacks...
Which of the following remediation’s are appropriate for the reported findings'?
A company received a report with the following finding . While on the internal network the penetration tester was able to successfully capture SMB broadcasted user ID and password information on the network and decode this information. This allowed the penetration tester to then join their own computer to the...
Which of the following controls would BEST mitigate the vulnerability?
A penetration tester is testing a web application and is logged in as a lower-privileged user. The tester runs arbitrary JavaScript within an application, which sends an XMLHttpRequest, resulting in exploiting features to which only an administrator should have access . Which of the following controls would BEST mitigate the...
Which of the following will result?
Given the following Python code: a = 'abcdefghijklmnop' a[::2] Which of the following will result?A . adgjmpB . pnlhfdbC . acegikmoD . abView AnswerAnswer: C Explanation: Reference: https://blog.finxter.com/python-double-colon/
Which of the following CPU registers does the penetration tester need to overwrite in order to exploit a simple buffer overflow?
Which of the following CPU registers does the penetration tester need to overwrite in order to exploit a simple buffer overflow?A . Stack pointer registerB . Index pointer registerC . Stack base pointerD . Destination index registerView AnswerAnswer: A Explanation: Reference: http://www.informit.com/articles/article.aspx?p=704311&seqNum=3
