Which of the following OSs would MOST likely return a packet of this type?

02/11/2022 – by Mod_GuideK 0

A penetration tester ran a ping -A command during an unknown environment test, and it returned a 128 TTL packet. Which of the following OSs would MOST likely return a packet of this type? A. Windows B. Apple C. Linux…

Which of the following would be BEST to add to the recommendations section of the final report?

02/11/2022 – by Mod_GuideK 0

A penetration tester recently completed a review of the security of a core network device within a corporate environment. The key findings are as follows: • The following request was intercepted going to the network device: GET /login HTTP/1.1 Host:…

Which of the following protocols or technologies would provide in-transit confidentiality protection for emailing the final security assessment report?

02/11/2022 – by Mod_GuideK 0

Which of the following protocols or technologies would provide in-transit confidentiality protection for emailing the final security assessment report? A. S/MIME B. FTPS C. DNSSEC D. AS2

HOTSPOT

02/11/2022 – by Mod_GuideK 0

HOTSPOT You are a security analyst tasked with hardening a web server. You have been given a list of HTTP payloads that were flagged as malicious. INSTRUCTIONS Given the following attack signatures, determine the attack type, and then identify the…

Which of the following commands would help the tester START this process?

02/11/2022 – by Mod_GuideK 0

A penetration tester has obtained a low-privilege shell on a Windows server with a default configuration and now wants to explore the ability to exploit misconfigured service permissions. Which of the following commands would help the tester START this process?…

Which of the following should the security company have acquired BEFORE the start of the assessment?

02/11/2022 – by Mod_GuideK 0

A new security firm is onboarding its first client. The client only allowed testing over the weekend and needed the results Monday morning. However, the assessment team was not able to access the environment as expected until Monday. Which of…

Which of the following assumptions, if made by the penetration-testing team, is MOST likely to be valid?

02/11/2022 – by Mod_GuideK 0

A company hired a penetration-testing team to review the cyber-physical systems in a manufacturing plant. The team immediately discovered the supervisory systems and PLCs are both connected to the company intranet. Which of the following assumptions, if made by the…

Which of the following documents describes specific activities, deliverables, and schedules for a penetration tester?

02/11/2022 – by Mod_GuideK 0

Which of the following documents describes specific activities, deliverables, and schedules for a penetration tester? A. NDA B. MSA C. SOW D. MOU

Performing a penetration test against an environment with SCADA devices brings additional safety risk because the:

02/11/2022 – by Mod_GuideK 0

Performing a penetration test against an environment with SCADA devices brings additional safety risk because the: A. devices produce more heat and consume more power. B. devices are obsolete and are no longer available for replacement. C. protocols are more…

Which of the following is the MOST important action to take before starting this type of assessment?

02/11/2022 – by Mod_GuideK 0

A client wants a security assessment company to perform a penetration test against its hot site. The purpose of the test is to determine the effectiveness of the defenses that protect against disruptions to business continuity. Which of the following…