Podcast
Questions and Answers
What type of host discovery flags does nmap use for TCP SYN/ACK, UDP, or SCTP discovery?
What type of host discovery flags does nmap use for TCP SYN/ACK, UDP, or SCTP discovery?
- PS/PA/PU/PY (correct)
- PG/PH/PJ/PM
- PX/PQ/PW/PR
- PT/PK/PL/PN
What is the process of appending string values onto another string called?
What is the process of appending string values onto another string called?
- Concatenation (correct)
- Conjunction
- Compilation
- Connection
What is the BEST character to test a website for vulnerabilities in input validation?
What is the BEST character to test a website for vulnerabilities in input validation?
- Single quote (correct)
- Semicolon
- Double dash
- Comma
For analyzing 64-bit Windows binaries, which tool can a penetration tester utilize to gauge what an attacker might see?
For analyzing 64-bit Windows binaries, which tool can a penetration tester utilize to gauge what an attacker might see?
What term describes the situation where network traffic no longer reaches the client's IP address due to sinkholing?
What term describes the situation where network traffic no longer reaches the client's IP address due to sinkholing?
In conducting enumeration on an SMTP server to check for active user accounts, which commands should a penetration tester use?
In conducting enumeration on an SMTP server to check for active user accounts, which commands should a penetration tester use?
What method does a penetration tester want to utilize for reconnaissance without being detected?
What method does a penetration tester want to utilize for reconnaissance without being detected?
Which tool provides Python classes specifically for interacting with network protocols?
Which tool provides Python classes specifically for interacting with network protocols?
When performing port scanning for live ports, why is sending a SYN packet considered a good alternative?
When performing port scanning for live ports, why is sending a SYN packet considered a good alternative?
When a SOC uses sinkholing on an IP address, what is the primary reason?
When a SOC uses sinkholing on an IP address, what is the primary reason?
Which character is least likely to be involved in causing input validation issues on a website?
Which character is least likely to be involved in causing input validation issues on a website?
What type of flag should be chosen when needing to identify if ports are live during a penetration test?
What type of flag should be chosen when needing to identify if ports are live during a penetration test?
What type of attack involves giving a target a gift, such as an external hard drive, to exploit them?
What type of attack involves giving a target a gift, such as an external hard drive, to exploit them?
When performing authenticated scans on all servers in a network, which account should a penetration tester use to get the MOST results?
When performing authenticated scans on all servers in a network, which account should a penetration tester use to get the MOST results?
After cracking user credentials from a database during an assessment, which algorithm was MOST likely used to store the passwords if rainbow tables were effective?
After cracking user credentials from a database during an assessment, which algorithm was MOST likely used to store the passwords if rainbow tables were effective?
What type of attack involves following an authorized person into a secure area?
What type of attack involves following an authorized person into a secure area?
During a social-engineering attack, if an attacker builds a relationship with an employee over time and then exploits them on a significant day, which attack type is being utilized?
During a social-engineering attack, if an attacker builds a relationship with an employee over time and then exploits them on a significant day, which attack type is being utilized?
If a penetration tester wants to gain comprehensive access to network systems during testing, which account should be used for conducting scans?
If a penetration tester wants to gain comprehensive access to network systems during testing, which account should be used for conducting scans?
In the context of the Nmap scan results, why might the device be considered a gateway with in-band management services?
In the context of the Nmap scan results, why might the device be considered a gateway with in-band management services?
What security concern is associated with the Heartbleed bug in the context of the Nmap scan results?
What security concern is associated with the Heartbleed bug in the context of the Nmap scan results?
What is the main purpose of holding a lessons-learned meeting with the penetration-testing team according to the text?
What is the main purpose of holding a lessons-learned meeting with the penetration-testing team according to the text?
What is a possible consequence of dropping a malicious USB key with the company's logo in the parking lot?
What is a possible consequence of dropping a malicious USB key with the company's logo in the parking lot?
Why might an attacker use a brute-force attack against a company's external perimeter?
Why might an attacker use a brute-force attack against a company's external perimeter?
What is the purpose of using 'nmap -sS -O 192.168.1.2/24 -T1' command?
What is the purpose of using 'nmap -sS -O 192.168.1.2/24 -T1' command?
After gaining access to a network device with an unknown IP range that is an always-on VPN tunnel, what should a penetration tester do?
After gaining access to a network device with an unknown IP range that is an always-on VPN tunnel, what should a penetration tester do?
What would be an unethical action for a security company conducting an insider-threat assessment on an internal network?
What would be an unethical action for a security company conducting an insider-threat assessment on an internal network?
Which action would be considered ethical within the scope of an insider-threat assessment?
Which action would be considered ethical within the scope of an insider-threat assessment?
In which situation would scanning a network for additional systems be justified ethically?
In which situation would scanning a network for additional systems be justified ethically?
What would be the appropriate response if a penetration tester discovers an unknown IP range on a network device during an assessment?
What would be the appropriate response if a penetration tester discovers an unknown IP range on a network device during an assessment?
Flashcards are hidden until you start studying
