Q. Steve has set his penetration testing workstation up for an on-path attack between his target and an FTP server. What is the best method for him to acquire FTP credentials?

View solution

Q. Ian wants to drop a tool on a compromised system that will allow him to set up a reverse shell. Which of the following tools should he select?

View solution

Q. What drives the use of deauthentication attacks during penetration tests?

View solution

Q. Which of the following tools will not allow Alice to capture NTLM v2 hashes over the wire for use in a pass-the-hash attack?

View solution

Q. For what type of activity would you use the tools HULK, LOIC, HOIC, and SlowLoris?

View solution

Q. During a penetration test, Mike uses double tagging to send traffic to another system. What technique is he attempting?

View solution

Q. Elle is using her workstation as part of an on-path attack as shown in the following image. What does she need to send at point X to ensure that the downgrade attack works properly?

View solution

Q. Isaac wants to use arpspoof to execute an on-path attack between target host 10.0.1.5 and a server at 10.0.1.25, with a network gateway of 10.0.1.1. What commands does he need to run to do this?

View solution

Q. Jessica wants to list the domain password policy for a Windows domain as she prepares for a password attack against domain member systems. What net command can she use to do this?

View solution

Q. Cynthia attempted a DNS poisoning attack as shown here. After her attempt, she does not see any traffic from her target system. What most likely happened to cause the attack to fail?

View solution

Q. Elle wants to clone an RFID entry access card. Which type of card is most easily cloned using inexpensive cloning devices?

View solution