Q. What is a method used by tools allowing VLAN hopping?

View solution

Q. What is the purpose of tools like TruffleHog in the context of penetration testing?

View solution

Q. Where are unintentionally exposed secret keys frequently found?

View solution

Q. What is the primary purpose of post-exploit attacks in penetration testing?

View solution

Q. What is the primary purpose of dictionary attacks in penetration testing?

View solution

Q. What is a common technique in password cracking when targeting a specific organization?

View solution

Q. What is the purpose of rainbow tables in password cracking?

View solution

Q. When might cross-compiling be used in penetration testing?

View solution

Q. What is the primary focus of horizontal escalation attacks in privilege escalation?

View solution

Q. Which of the following is one of the most commonly used local exploit methods for vertical escalation?

View solution

Q. What is a potential advantage of social engineering tests in a penetration test?

View solution

Q. In the context of privilege escalation, what do vertical escalation attacks focus on?

View solution

Q. What is the purpose of limited shells?

View solution

Q. What is the significance of setuid binaries in the context of limited shells and privilege escalation?

View solution

Q. What is a potential advantage of using scheduled jobs or tasks for persistence?

View solution

Q. How can Inetd modification be used for maintaining a persistent connection?

View solution

Q. What is a potential advantage of injecting malicious code into an existing service in memory?

View solution

Q. How does a bind shell differ from a reverse shell?

View solution

Q. What is the purpose of covert channels in the context of data exfiltration?

View solution

Q. What should penetration testers consider when planning data exfiltration techniques?

View solution