- All Exams Instant Download
Which of the following is the tester performing?
autonumA penetration tester writes the following script: Which of the following is the tester performing?A . Searching for service vulnerabilitiesB . Trying to recover a lost bind shellC . Building a reverse shell listening on specified portsD . Scanning a network for specific open portsView AnswerAnswer: D Explanation: -z zero-I/O...
Which of the following BEST describes why this script triggered a `probable port scan` alert in the organization's IDS?
autonumA penetration tester ran a simple Python-based scanner. The following is a snippet of the code: Which of the following BEST describes why this script triggered a `probable port scan` alert in the organization's IDS?A . sock.settimeout(20) on line 7 caused each next socket to be created every 20 milliseconds.B...
Which of the following is the MOST important action to take before starting this type of assessment?
autonumA client wants a security assessment company to perform a penetration test against its hot site. The purpose of the test is to determine the effectiveness of the defenses that protect against disruptions to business continuity. Which of the following is the MOST important action to take before starting this...
Which of the following would BEST explain the reason why this policy is in place?
autonumA company requires that all hypervisors have the latest available patches installed. Which of the following would BEST explain the reason why this policy is in place?A . To provide protection against host OS vulnerabilitiesB . To reduce the probability of a VM escape attackC . To fix any misconfigurations...
Which of the following commands would the penetration tester MOST likely use in order to establish a static ARP entry successfully?
autonumA penetration tester successfully performed an exploit on a host and was able to hop from VLAN 100 to VLAN 200. VLAN 200 contains servers that perform financial transactions, and the penetration tester now wants the local interface of the attacker machine to have a static ARP entry in the...
Which of the following is the tester performing?
autonumA penetration tester writes the following script: Which of the following is the tester performing?A . Searching for service vulnerabilitiesB . Trying to recover a lost bind shellC . Building a reverse shell listening on specified portsD . Scanning a network for specific open portsView AnswerAnswer: D Explanation: -z zero-I/O...
Which of the following is the penetration tester using MOST to influence phishing targets to click on the link?
autonumA penetration tester has prepared the following phishing email for an upcoming penetration test: Which of the following is the penetration tester using MOST to influence phishing targets to click on the link?A . Familiarity and likenessB . Authority and urgencyC . Scarcity and fearD . Social proof and greedView...
Which of the following methodologies does the client use?
autonumA penetration tester is working on a scoping document with a new client. The methodology the client uses includes the following: ✑ Pre-engagement interaction (scoping and ROE) ✑ Intelligence gathering (reconnaissance) ✑ Threat modeling ✑ Vulnerability analysis ✑ Exploitation and post exploitation ✑ Reporting Which of the following methodologies does...
Which of the following BEST describes why this would be necessary?
autonumA customer adds a requirement to the scope of a penetration test that states activities can only occur during normal business hours. Which of the following BEST describes why this would be necessary?A . To meet PCI DSS testing requirementsB . For testing of the customer's SLA with the ISPC...
Which of the following would be the most appropriate NEXT step?
autonumA penetration tester received a 16-bit network block that was scoped for an assessment. During the assessment, the tester realized no hosts were active in the provided block of IPs and reported this to the company. The company then provided an updated block of IPs to the tester. Which of...
