Q. Isaac wants to use arpspoof to execute an on-path attack between target host 10.0.1.5 and a server at 10.0.1.25, with a network gateway of 10.0.1.1. What commands does he need to run to do this?

View solution

Q. Elle is using her workstation as part of an on-path attack as shown in the following image. What does she need to send at point X to ensure that the downgrade attack works properly?

View solution

Q. During a penetration test, Mike uses double tagging to send traffic to another system. What technique is he attempting?

View solution

Q. For what type of activity would you use the tools HULK, LOIC, HOIC, and SlowLoris?

View solution

Q. Which of the following tools will not allow Alice to capture NTLM v2 hashes over the wire for use in a pass-the-hash attack?

View solution

Q. What drives the use of deauthentication attacks during penetration tests?

View solution

Q. Ian wants to drop a tool on a compromised system that will allow him to set up a reverse shell. Which of the following tools should he select?

View solution

Q. Steve has set his penetration testing workstation up for an on-path attack between his target and an FTP server. What is the best method for him to acquire FTP credentials?

View solution

Q. As part of a penetration test Mariana uses a tool that uses the same username and password from a list on many target systems and then uses the next username and password from its list. Which of the following terms best describes the attack she is using?

View solution

Q. Michelle wants to capture NFC communications as part of a penetration test. What is the most critical factor in her ability to intercept the communication?

View solution

Q. Cassandra wants to attack a WPS-enabled system. What attack technique can she use against it?

View solution

Q. What type of Bluetooth attack attempts to send unsolicited messages via Bluetooth devices?

View solution

Q. What attack technique can allow the pentester visibility into traffic on VLANs other than their native VLAN?

View solution

Q. Chris is conducting an on-site penetration test. The test is a gray-box test, and he is permitted on-site but has not been given access to the wired or wireless networks. He knows he needs to gain access to both to make further progress.Once Chris has gained access to the network, what technique can he use to gather additional credentials?

View solution

Q. Chris is conducting an on-site penetration test. The test is a gray-box test, and he is permitted on-site but has not been given access to the wired or wireless networks. He knows he needs to gain access to both to make further progress. If Chris wants to set up a false AP, which tool is best suited to his needs?

View solution

Q. Chris is conducting an on-site penetration test. The test is a gray-box test, and he is permitted on-site but has not been given access to the wired or wireless networks. He knows he needs to gain access to both to make further progress. Which of the following NAC systems would be the easiest for Chris to bypass?

View solution

Q. Charles wants to deploy a wireless intrusion detection system. Which of the following tools is best suited to that purpose?

View solution

Q. Why are Windows NetBIOS and SMB services popular targets for penetration testers?

View solution

Q. What on-path attacks can penetration testers conduct via ARP spoofing?

View solution

Q. What is a high-value target for penetration testers once they have gained network access?

View solution