A consulting firm was hired to conduct assessment for a company. During the first stage, a penetration tester used a tool that provided the following output:
TCP 80 open
TCP 443 open
TCP 1434 filtered
The penetration tester then used a different tool to make the following requests:
GET / script/login.php?token=45$MHT000MND876
GET / script/login.php?token=@#984DCSPQ%091DF
Which of the following tools did the penetration tester use?
A. Protocol analyzer
B. Port scanner
C. Fuzzer
D. Brute forcer
E. Log analyzer
F. HTTP interceptor
How to PASS CAS-004 in First Attempt?FULL Printable PDF and Software. VALID exam to help you PASS. |
Agreed on both counts – B F
Question does ask which “tools”, it’s a choose two.
B. Port scanner
F. HTTP interceptor
At first, the pentester used a port scanner (B) – something like a nmap. Then, the 2nd tool was a HTTP interceptor (F) – something like Burp Suite/ZAP.
There should be 2 right answers for this one.
https://vceguide.com/which-of-the-following-tools-did-the-penetration-tester-use/