Which of the following tools did the penetration tester use?

A consulting firm was hired to conduct an assessment for a company. During the first stage, a penetration tester used a tool that provided the following output:
TCP 80 open
TCP 443 open
TCP 1434 filtered
The penetration tester then used a different tool to make the following requests:
GET / script/login.php?token=45$MHT000MND876
GET / script/login.php?token=@#984DCSPQ%091DF
Which of the following tools did the penetration tester use?
A. Protocol analyzer
B. Port scanner
C. Fuzzer
D. Brute forcer
E. Log analyzer
F. HTTP interceptor


6 thoughts on “Which of the following tools did the penetration tester use?”

  1. This is a poorly worded question in that it is describing an assessment exercise in two distinct parts. The first part being finding open and filtered ports, then the second part being entering invalid, unexpected, or random data as input characters in a request in hopes of eliciting some sort of response from the program indicating a fault in the program. When I first read the last part of the question, “which of the following TOOLS did the penetration tester use”, it leads you to believe this is a multiple choice question. However, that last part of the question is actually only referring to the second part of the assessment, which would be a Fuzzer tool that is used in the manner described. To make that intent more clear, the last part of the question should read something like “Which of the following tools was used in the second part of the assessment?”

  2. I am still not sure, but I can see how passing data (TOKEN=…) that is probably invalid would be the job of a fuzzer.

  3. Really – a fuzzer? How about a port scanner for the ports and an HTTP interceptor for the get commands?
    Anybody else have a thought on this? Shouldn’t this be a SELECT 2 question?

    1. This should really be a select two type question. The first part is clearly showing output from a port scanner. The second however I can see how it can be classified as a fuzzer based on the output after the “TOKEN” parameter. If you use a utility such as WFUZZ, it can produce this output depending on the file you are using to perform the FUZZ.

      I would agree the answer here being C.
