Q. Charleen has been tasked with the components of a penetration test that deal with mobile devices at a large client organization. She has been given a standard corporate device to test that uses the organization’s base configuration for devices that are issued to employees. As part of her team, you’ve been asked to provide input on the penetration testing process.

Charleen wants to use a cloned image of a phone to see if she can access it using bruteforce passcode-breaking techniques. Which of the following techniques will allow her to do this without an automatic wipe occurring if “wipe after 10 passcode attempts” is set for the device?

View solution

Q. Charleen has been tasked with the components of a penetration test that deal with mobile devices at a large client organization. She has been given a standard corporate device to test that uses the organization’s base configuration for devices that are issued to employees. As part of her team, you’ve been asked to provide input on the penetration testing process.
Charleen has determined that the organization she is testing uses certificate pinning for their web application. What technique is most likely to help her overcome this so that she can conduct an on-path attack?

View solution

Q. Charleen has been tasked with the components of a penetration test that deal with mobile devices at a large client organization. She has been given a standard corporate device to test that uses the organization’s base configuration for devices that are issued to employees. As part of her team, you’ve been asked to provide input on the penetration testing process.
Charleen wants to perform static code analysis of the mobile application her target installed on the device in her possession. Which of the following tools should she select?

View solution

Q. Alice is conducting a penetration test of an organization’s AWS infrastructure. What tool should she select from the following list if she wants to exploit AWS?

View solution

Q. What type of attack focuses on accessing the underlying hardware in a shared cloud environment to gain information about other virtualized systems running on it?

View solution

Q. Isaac wants to test for insecure S3 storage buckets belonging to his target organization. What process can he use to test for this type of insecure configuration?

View solution

Q. Jocelyn wants to conduct a credential harvesting attack against an organization. What technique is she most likely to employ to accomplish the attack?

View solution

Q. Simone has been asked to check for IPMI interfaces on servers at her target organization. Where is she most likely to find IPMI interfaces to probe?

View solution

Q. Selah wants to use a brute-force attack against the SSH service provided by one of her targets. Which of the following tools is not designed to brute-force services like this?

View solution

Q. After compromising a remote host, Cameron uses SSH to connect to port 4444 from his penetration testing workstation. What type of remote shell has he set up?

View solution

Q. Jim wants to crack the hashes from a password file he recovered during a penetration test. Which of the following methods will typically be fastest?

View solution