PEN Testing Final Exam| (Answered)
With Complete Verified Solution
Ryan is conducting a penetration test and is targeting a database server. Which
one of the following tools would best assist him in detecting vulnerabilities on
that server?
sqlmap
Which of the following threat actors is the most dangerous based on the
adversary tier list?
APTs
Joe is examining the logs for his web server and discovers that a user sent input
to a web application that contained the string WAITFOR. What type of attack was
the user likely attempting?
Timing-based SQL injection
During a penetration test, Mike uses double tagging to send traffic to another
system. What technique is he attempting?
VLAN hopping
What does an MSA typically include?
The terms that will govern future agreements.
What type of legal assessment typically covers sensitive data and information
that a penetration tester may encounter while performing an assessment?
an NDA
What penetration testing strategy is also known as "zero knowledge" testing?
Black box testing
Which one of the following protocols should never be used on a public network?
Telnet
Examine the following network diagram. What is the most appropriate location for
a web application firewall (WAF) on this network?
Location D
Which of the following is a static code analysis tool?
YASCA
Which one of the following is NOT a password cracking utility?
OWASP ZAP
Chris runs an Nmap scan against the 10.10.0.0/16 network that his employer uses
as an internal network range for the entire organization. If he uses the -T0 flag,
what issue is he likely to encounter?
The scan will progress at a very slow speed.
Which one of the following values for the confidentiality, integrity, or availability
CVSS metric would indicate the potential for a total compromise of a system?
C
Kevin recently identified a new security vulnerability and computed the CVSSv2
base score as 6.5. Which risk category would this vulnerability fall into?
High
, Which of the following is NOT a reason to conduct periodic penetration tests of
systems and applications?
Cost
What is required for Jason to conduce a cold-boot attack against a system?
Physical access
Which of the following is NOT a benefit of using an internal penetration test team.
Independence
Tara recently analyzed the results of a vulnerability scan report and found that a
vulnerability reported by the scanner did not exist because the system was
actually patched as specified. What type of error occurred?
False positive
Jack is conducting a penetration test for a customer in Japan. What NIC is he
most likely to need to check for information about his client's networks?
APNIC
Which one of the following activities assumes that an organization has already
been compromised?
Threat hunting
Which one of the following tools is an exploitation framework commonly used by
penetration testers?
Metasploit
Which of the following is a debugging tool compatible with Linux systems?
GDB
Beth recently conducted a phishing attack against a penetration testing target in
an attempt to gather credentials that she might use in later attacks. What stage in
the penetration testing process is Beth in?
Attacking and Exploiting
Renee is configuring her vulnerability management solution to perform
credentialed scans of servers on her network. What type of account should she
provide to the scanner?
Read-only
Where are the LSA Secrets stored on a Windows system?
The Registry
During the scoping phase of a penetration test, Lauren is provided with the IP
range of the systems she will test, as well as information about what the systems
run, but she does not recieve a full network diagram. What type of assessment is
she most likely conducting?
A gray box assessment
Which of the following tools provides information about a domain's registrar and
physical location?
WHOIS
Rick wants to look at the advertised routes to his target. What type of service
should he look for to do this?
A BGP looking glass
What technique is being used in the following command:
host -t axfr domain.com dns1.domain.com
Zone transfer
With Complete Verified Solution
Ryan is conducting a penetration test and is targeting a database server. Which
one of the following tools would best assist him in detecting vulnerabilities on
that server?
sqlmap
Which of the following threat actors is the most dangerous based on the
adversary tier list?
APTs
Joe is examining the logs for his web server and discovers that a user sent input
to a web application that contained the string WAITFOR. What type of attack was
the user likely attempting?
Timing-based SQL injection
During a penetration test, Mike uses double tagging to send traffic to another
system. What technique is he attempting?
VLAN hopping
What does an MSA typically include?
The terms that will govern future agreements.
What type of legal assessment typically covers sensitive data and information
that a penetration tester may encounter while performing an assessment?
an NDA
What penetration testing strategy is also known as "zero knowledge" testing?
Black box testing
Which one of the following protocols should never be used on a public network?
Telnet
Examine the following network diagram. What is the most appropriate location for
a web application firewall (WAF) on this network?
Location D
Which of the following is a static code analysis tool?
YASCA
Which one of the following is NOT a password cracking utility?
OWASP ZAP
Chris runs an Nmap scan against the 10.10.0.0/16 network that his employer uses
as an internal network range for the entire organization. If he uses the -T0 flag,
what issue is he likely to encounter?
The scan will progress at a very slow speed.
Which one of the following values for the confidentiality, integrity, or availability
CVSS metric would indicate the potential for a total compromise of a system?
C
Kevin recently identified a new security vulnerability and computed the CVSSv2
base score as 6.5. Which risk category would this vulnerability fall into?
High
, Which of the following is NOT a reason to conduct periodic penetration tests of
systems and applications?
Cost
What is required for Jason to conduce a cold-boot attack against a system?
Physical access
Which of the following is NOT a benefit of using an internal penetration test team.
Independence
Tara recently analyzed the results of a vulnerability scan report and found that a
vulnerability reported by the scanner did not exist because the system was
actually patched as specified. What type of error occurred?
False positive
Jack is conducting a penetration test for a customer in Japan. What NIC is he
most likely to need to check for information about his client's networks?
APNIC
Which one of the following activities assumes that an organization has already
been compromised?
Threat hunting
Which one of the following tools is an exploitation framework commonly used by
penetration testers?
Metasploit
Which of the following is a debugging tool compatible with Linux systems?
GDB
Beth recently conducted a phishing attack against a penetration testing target in
an attempt to gather credentials that she might use in later attacks. What stage in
the penetration testing process is Beth in?
Attacking and Exploiting
Renee is configuring her vulnerability management solution to perform
credentialed scans of servers on her network. What type of account should she
provide to the scanner?
Read-only
Where are the LSA Secrets stored on a Windows system?
The Registry
During the scoping phase of a penetration test, Lauren is provided with the IP
range of the systems she will test, as well as information about what the systems
run, but she does not recieve a full network diagram. What type of assessment is
she most likely conducting?
A gray box assessment
Which of the following tools provides information about a domain's registrar and
physical location?
WHOIS
Rick wants to look at the advertised routes to his target. What type of service
should he look for to do this?
A BGP looking glass
What technique is being used in the following command:
host -t axfr domain.com dns1.domain.com
Zone transfer
