Q. What is the purpose of rainbow tables in password cracking?

View solution

Q. When might cross-compiling be used in penetration testing?

View solution

Q. What is the primary focus of horizontal escalation attacks in privilege escalation?

View solution

Q. Which of the following is one of the most commonly used local exploit methods for vertical escalation?

View solution

Q. What is a potential advantage of social engineering tests in a penetration test?

View solution

Q. In the context of privilege escalation, what do vertical escalation attacks focus on?

View solution

Q. What is the purpose of limited shells?

View solution

Q. What is the significance of setuid binaries in the context of limited shells and privilege escalation?

View solution

Q. What is a potential advantage of using scheduled jobs or tasks for persistence?

View solution

Q. How can Inetd modification be used for maintaining a persistent connection?

View solution

Q. What is a potential advantage of injecting malicious code into an existing service in memory?

View solution

Q. How does a bind shell differ from a reverse shell?

View solution

Q. What is the purpose of covert channels in the context of data exfiltration?

View solution

Q. What should penetration testers consider when planning data exfiltration techniques?

View solution

Q. What is a common method for creating a new user account on a compromised Windows system using Metasploit's Meterpreter?

View solution

Q. What is the purpose of pivoting in the context of penetration testing?

View solution

Q. How can a compromised system be leveraged for pivoting in penetration testing?

View solution

Q. What can help slow down defenders if there is a possibility that the tools may be discovered?

View solution

Q. What is emphasized as a key part of covering tracks in terms of communications between the target system and a penetration tester's workstation?

View solution

Q. What is the purpose of vulnerability and exploit databases for penetration testers?

View solution