Q. Chris runs an Nmap scan of the 10.10.0.0/16 network that his employer uses as an internal network range for the entire organization. If he uses the -T0 flag, what issue is he likely to encounter?

View solution

Q. Which of the following Nmap output formats is unlikely to be useful for a penetration tester?

View solution

Q. During an early phase of his penetration test, Mike recovers a binary executable file that he wants to quickly analyze for useful information. Which of the following will quickly give him a view of potentially useful information in the binary?

View solution

Q. Jack is conducting a penetration test for a customer in Japan. What NIC will he most likely have to check for information about his client’s networks?

View solution

Q. Lin believes that the organization she is scanning may have load balancers in use. Which of the following techniques will help her detect them if they are DNS-based load balancers?

View solution

Q. Charles uses the following hping command to send traffic to a remote system:
hping remotesite.com -S -V -p 80

What type of traffic will the remote system see?

View solution

Q. What does a result of * * * mean during a traceroute?

View solution

Q. Rick wants to describe flaws found in an organization’s internally developed web applications using a standard model. Which of the following is best suited to his need?

View solution

Q. Why would a penetration tester look for expired certificates as part of an information-gathering and enumeration exercise?

View solution

Q. John has gained access to a system that he wants to use to gather more information about other hosts in its local subnet. He wants to perform a port scan but cannot install other tools to do so. Which of the following tools isn’t usable as a port scanner?

View solution