Summer Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: exc65

A penetration tester is getting ready to conduct a vulnerability scan to evaluate an environment that consists of a container orchestration cluster. Which of the following tools would be best to use for this purpose?

A.

NSE

B.

Nessus

C.

CME

D.

Trivy

Which of the following OT protocols sends information in cleartext?

A.

TTEthernet

B.

DNP3

C.

Modbus

D.

PROFINET

During an assessment, a penetration tester manages to get RDP access via a low-privilege user. The tester attempts to escalate privileges by running the following commands:

Import-Module .\PrintNightmare.ps1

Invoke-Nightmare -NewUser "hacker" -NewPassword "Password123!" -DriverName "Print"

The tester attempts to further enumerate the host with the new administrative privileges by using the runas command. However, the access level is still low. Which of the following actions should the penetration tester take next?

A.

Log off and log on with "hacker".

B.

Attempt to add another user.

C.

Bypass the execution policy.

D.

Add a malicious printer driver.

During a red-team exercise, a penetration tester obtains an employee's access badge. The tester uses the badge's information to create a duplicate for unauthorized entry. Which of the following best describes this action?

A.

Smurfing

B.

Credential stuffing

C.

RFID cloning

D.

Card skimming

Which of the following is within the scope of proper handling and most crucial when working on a penetration testing report?

A.

Keeping both video and audio of everything that is done

B.

Keeping the report to a maximum of 5 to 10 pages in length

C.

Basing the recommendation on the risk score in the report

D.

Making the report clear for all objectives with a precise executive summary

A penetration tester is performing an authorized physical assessment. During the test, the tester observes an access control vestibule and on-site security guards near the entry door in the lobby. Which of the following is the best attack plan for the tester to use in order to gain access to the facility?

A.

Clone badge information in public areas of the facility to gain access to restricted areas.

B.

Tailgate into the facility during a very busy time to gain initial access.

C.

Pick the lock on the rear entrance to gain access to the facility and try to gain access.

D.

Drop USB devices with malware outside of the facility in order to gain access to internal machines.

A penetration tester needs to identify all vulnerable input fields on a customer website. Which of the following tools would be best suited to complete this request?

A.

DAST

B.

SAST

C.

IAST

D.

SCA

A penetration tester executes multiple enumeration commands to find a path to escalate privileges. Given the following command:

find / -user root -perm -4000 -exec ls -ldb {} \; 2>/dev/null

Which of the following is the penetration tester attempting to enumerate?

A.

Attack path mapping

B.

API keys

C.

Passwords

D.

Permission

A penetration tester needs to test a very large number of URLs for public access. Given the following code snippet:

1 import requests

2 import pathlib

3

4 for url in pathlib.Path("urls.txt").read_text().split("\n"):

5 response = requests.get(url)

6 if response.status == 401:

7 print("URL accessible")

Which of the following changes is required?

A.

The condition on line 6

B.

The method on line 5

C.

The import on line 1

D.

The delimiter in line 3

While conducting a reconnaissance activity, a penetration tester extracts the following information:

Emails: - admin@acme.com - sales@acme.com - support@acme.com

Which of the following risks should the tester use to leverage an attack as the next step in the security assessment?

A.

Unauthorized access to the network

B.

Exposure of sensitive servers to the internet

C.

Likelihood of SQL injection attacks

D.

Indication of a data breach in the company