- All Exams Instant Download
CORRECT TEXT
CORRECT TEXT SIMULATION Using the output, identify potential attack vectors that should be further investigated. View AnswerAnswer: 1: Null session enumeration Weak SMB file permissions Fragmentation attack 2: nmap -sV -p 1-1023
Which of the following would BEST support this task?
A penetration tester wants to identify CVEs that can be leveraged to gain execution on a Linux server that has an SSHD running. Which of the following would BEST support this task?A . Run nmap with the Co, -p22, and CsC options set against the target B. Run nmap with...
Which of the following commands will allow a penetration tester to permit a shell script to be executed by the file owner?
Which of the following commands will allow a penetration tester to permit a shell script to be executed by the file owner?A . chmod u+x script.sh B. chmod u+e script.sh C. chmod o+e script.sh D. chmod o+x script.shView AnswerAnswer: A Explanation: Reference: https://newbedev.com/chmod-u-x-versus-chmod-x
Which of the following should the tester do AFTER delivering the final report?
A penetration tester ran the following commands on a Windows server: Which of the following should the tester do AFTER delivering the final report?A . Delete the scheduled batch job. B. Close the reverse shell connection. C. Downgrade the svsaccount permissions. D. Remove the tester-created credentials.View AnswerAnswer: D
Based on the information in the SOW, which of the following behaviors would be considered unethical?
A penetration tester is reviewing the following SOW prior to engaging with a client: “Network diagrams, logical and physical asset inventory, and employees’ names are to be treated as client confidential. Upon completion of the engagement, the penetration tester will submit findings to the client’s Chief Information Security Officer (CISO)...
Which of the following should a penetration tester do NEXT after identifying that an application being tested has already been compromised with malware?
Which of the following should a penetration tester do NEXT after identifying that an application being tested has already been compromised with malware?A . Analyze the malware to see what it does. B. Collect the proper evidence and then remove the malware. C. Do a root-cause analysis to find out...
Which of the following is the MOST important action to take before starting this type of assessment?
A client wants a security assessment company to perform a penetration test against its hot site. The purpose of the test is to determine the effectiveness of the defenses that protect against disruptions to business continuity. Which of the following is the MOST important action to take before starting this...
Which of the following tools would BEST allow a penetration tester to capture wireless handshakes to reveal a Wi-Fi password from a Windows machine?
Which of the following tools would BEST allow a penetration tester to capture wireless handshakes to reveal a Wi-Fi password from a Windows machine?A . Wireshark B. EAPHammer C. Kismet D. Aircrack-ngView AnswerAnswer: D Explanation: The BEST tool to capture wireless handshakes to reveal a Wi-Fi password from a Windows...
Which of the following tools or techniques would BEST support additional reconnaissance?
A penetration tester has been hired to perform a physical penetration test to gain access to a secure room within a client’s building. Exterior reconnaissance identifies two entrances, a WiFi guest network, and multiple security cameras connected to the Internet. Which of the following tools or techniques would BEST support...
Which of the following methods should the tester use to visualize the authorization information being transmitted?
A penetration tester captured the following traffic during a web-application test: Which of the following methods should the tester use to visualize the authorization information being transmitted?A . Decode the authorization header using UTF-8. B. Decrypt the authorization header using bcrypt. C. Decode the authorization header using Base64. D. Decrypt...
