Q. How can a compromised system be leveraged for pivoting in penetration testing?

View solution

Q. What can help slow down defenders if there is a possibility that the tools may be discovered?

View solution

Q. What is emphasized as a key part of covering tracks in terms of communications between the target system and a penetration tester's workstation?

View solution

Q. What is the purpose of vulnerability and exploit databases for penetration testers?

View solution

Q. What are some tools that penetration testers often use for creating and maintaining a foothold?

View solution

Q. What is a first step in post-exploitation activities after successfully exploiting systems?

View solution

Q. What is important for concealing and retaining long-term access during post-exploitation activities?

View solution

Q. What is the purpose of tools like Empire, Mimikatz, and BloodHound for penetration testers?

View solution

Q. What is an important task for penetration testers who gain access to their targets?

View solution

Q. What is the significance of creating and maintaining a foothold in penetration testing?

View solution

Q. What is an important aspect of avoiding detection?

View solution

Q. What does covering your tracks involve in penetration testing?

View solution

Q. Alice discovers a rating that her vulnerability scanner lists as 9.3 out of 10 on its severity scale. The service that is identified runs on TCP 445. What type of exploit is Alice most likely to use on this service?

View solution

Q. Charles has recently completed a vulnerability scan of a system and needs to select the best vulnerability to exploit from the following listing.
Which of the entries should Charles prioritize from this list if he wants to gain access to the system?

View solution

Q. Charles has recently completed a vulnerability scan of a system and needs to select the best vulnerability to exploit from the following listing.
If Charles wants to build a list of additional system user accounts, which of the vulnerabilities
is most likely to deliver that information?

View solution

Q. Charles has recently completed a vulnerability scan of a system and needs to select the best vulnerability to exploit from the following listing.
If Charles selects the Ruby on Rails vulnerability, which of the following methods cannot be
used to search for an existing Metasploit vulnerability?

View solution

Q. Matt wants to pivot from a Linux host to other hosts in the network but is unable to install additional tools beyond those found on a typical Linux server. How can he leverage the system he is on to allow vulnerability scans of those remote hosts if they are firewalled against inbound connections and protected from direct access from his penetration testing workstation?

View solution

Q. After gaining access to a Windows system, Fred uses the following command:
SchTasks /create /SC Weekly /TN "Antivirus" /TR "C:\Users\SSmith\av.exe" /ST 09:00

What has he accomplished?

View solution

Q. After gaining access to a Linux system through a vulnerable service, Cassandra wants to list all of the user accounts on the system and their home directories. Which of the following locations will provide this list?

View solution

Q. A few days after exploiting a target with the Metasploit Meterpreter payload, Robert loses access to the remote host. A vulnerability scan shows that the vulnerability that he used to exploit the system originally is still open. What has most likely happened?

View solution