- All Exams Instant Download
Which of the following would allow the consultant to retrieve email addresses for technical and billing contacts quickly, without triggering any of the client’s cybersecurity tools?
autonumDuring a penetration-testing engagement, a consultant performs reconnaissance of a client to identify potential targets for a phishing campaign. Which of the following would allow the consultant to retrieve email addresses for technical and billing contacts quickly, without triggering any of the client’s cybersecurity tools? (Choose two.)A . Scraping social...
Which of the following actions should the tester take?
autonumA red-team tester has been contracted to emulate the threat posed by a malicious insider on a company’s network, with the constrained objective of gaining access to sensitive personnel files. During the assessment, the red-team tester identifies an artifact indicating possible prior compromise within the target environment. Which of the...
autonumWhich of the following would a company's hunt team be MOST interested in seeing in a final report?
autonumWhich of the following would a company's hunt team be MOST interested in seeing in a final report?A . Executive summaryB . Attack TTPsC . MethodologyD . Scope detailsView AnswerAnswer: B
Which of the following snippets of output will the tester MOST likely receive?
autonumA penetration tester performs the following command: curl CI Chttp2 https://www.comptia.org Which of the following snippets of output will the tester MOST likely receive? A . Option AB . Option BC . Option CD . Option DView AnswerAnswer: A Explanation: Reference: https://research.securitum.com/http-2-protocol-it-is-faster-but-is-it-also-safer/
Which of the following is the BEST passive method of obtaining the technical contacts for the website?
autonumA penetration tester is conducting an engagement against an internet-facing web application and planning a phishing campaign. Which of the following is the BEST passive method of obtaining the technical contacts for the website?A . WHOIS domain lookupB . Job listing and recruitment adsC . SSL certificate informationD . Public...
Which of the following command sequences should the penetration tester try NEXT?
autonumA penetration tester runs a scan against a server and obtains the following output: 21/tcp open ftp Microsoft ftpd | ftp-anon: Anonymous FTP login allowed (FTP code 230) | 03-12-20 09:23AM 331 index.aspx | ftp-syst: 135/tcp open msrpc Microsoft Windows RPC 139/tcp open netbios-ssn Microsoft Windows netbios-ssn 445/tcp open microsoft-ds...
Which of the following is the MOST likely culprit?
autonumA penetration tester is contracted to attack an oil rig network to look for vulnerabilities. While conducting the assessment, the support organization of the rig reported issues connecting to corporate applications and upstream services for data acquisitions. Which of the following is the MOST likely culprit?A . Patch installationsB ....
Which of the following is the MOST likely reason for the lack of output?
autonumA penetration tester was brute forcing an internal web server and ran a command that produced the following output: However, when the penetration tester tried to browse the URL http://172.16.100.10:3000/profile, a blank page was displayed. Which of the following is the MOST likely reason for the lack of output?A ....
Which of the following commands should the penetration tester consider?
autonumA penetration tester is trying to restrict searches on Google to a specific domain. Which of the following commands should the penetration tester consider?A . inurl:B . link:C . site:D . intitle:View AnswerAnswer: C
Which of the following could be used for a denial-of-service attack on the network segment?
autonumA penetration tester who is conducting a vulnerability assessment discovers that ICMP is disabled on a network segment. Which of the following could be used for a denial-of-service attack on the network segment?A . SmurfB . Ping floodC . FraggleD . Ping of deathView AnswerAnswer: C Explanation: Fraggle attack is...
