- All Exams Instant Download
Which of the following tools or techniques would BEST support additional reconnaissance?
A penetration tester has been hired to perform a physical penetration test to gain access to a secure room within a client’s building. Exterior reconnaissance identifies two entrances, a WiFi guest network, and multiple security cameras connected to the Internet. Which of the following tools or techniques would BEST support...
Which of the following would BEST explain the reason why this policy is in place?
A company requires that all hypervisors have the latest available patches installed. Which of the following would BEST explain the reason why this policy is in place?A . To provide protection against host OS vulnerabilitiesB . To reduce the probability of a VM escape attackC . To fix any misconfigurations...
Which of the following documents is agreed upon by all parties associated with the penetration-testing engagement and defines the scope, contacts, costs, duration, and deliverables?
Which of the following documents is agreed upon by all parties associated with the penetration-testing engagement and defines the scope, contacts, costs, duration, and deliverables?A . SOWB . SLAC . MSAD . NDAView AnswerAnswer: A
Which of the following would be the BEST command to use for further progress into the targeted network?
A CentOS computer was exploited during a penetration test. During initial reconnaissance, the penetration tester discovered that port 25 was open on an internal Sendmail server. To remain stealthy, the tester ran the following command from the attack machine: Which of the following would be the BEST command to use...
Which of the following commands should the penetration tester consider?
A penetration tester is trying to restrict searches on Google to a specific domain. Which of the following commands should the penetration tester consider?A . inurl:B . link:C . site:D . intitle:View AnswerAnswer: C
Which of the following assumptions, if made by the penetration-testing team, is MOST likely to be valid?
A company hired a penetration-testing team to review the cyber-physical systems in a manufacturing plant. The team immediately discovered the supervisory systems and PLCs are both connected to the company intranet. Which of the following assumptions, if made by the penetration-testing team, is MOST likely to be valid?A . PLCs...
Which of the following would the test discover?
A penetration tester is testing a new API for the company's existing services and is preparing the following script: Which of the following would the test discover?A . Default web configurationsB . Open web ports on a hostC . Supported HTTP methodsD . Listening web servers in a domainView AnswerAnswer:...
Which of the following attack types is MOST concerning to the company?
A company is concerned that its cloud service provider is not adequately protecting the VMs housing its software development. The VMs are housed in a datacenter with other companies sharing physical resources. Which of the following attack types is MOST concerning to the company?A . Data floodingB . Session ridingC...
Which of the following actions is the tester MOST likely performing?
A penetration tester gains access to a system and establishes persistence, and then runs the following commands: cat /dev/null > temp touch Cr .bash_history temp mv temp .bash_history Which of the following actions is the tester MOST likely performing?A . Redirecting Bash history to /dev/nullB . Making a copy of...
Which of the following is an example of a Bluesnarfing attack that the penetration tester can perform?
During a penetration test, a tester is in close proximity to a corporate mobile device belonging to a network administrator that is broadcasting Bluetooth frames. Which of the following is an example of a Bluesnarfing attack that the penetration tester can perform?A . Sniff and then crack the WPS PIN...
