Welcome to the Exploiting Network Vulnerabilities MCQs Page

Dive deep into the fascinating world of Exploiting Network Vulnerabilities with our comprehensive set of Multiple-Choice Questions (MCQs). This page is dedicated to exploring the fundamental concepts and intricacies of Exploiting Network Vulnerabilities, a crucial aspect of CompTIA PenTest+ Certification Exam PT0 002. In this section, you will encounter a diverse range of MCQs that cover various aspects of Exploiting Network Vulnerabilities, from the basic principles to advanced topics. Each question is thoughtfully crafted to challenge your knowledge and deepen your understanding of this critical subcategory within CompTIA PenTest+ Certification Exam PT0 002.

Check out the MCQs below to embark on an enriching journey through Exploiting Network Vulnerabilities. Test your knowledge, expand your horizons, and solidify your grasp on this vital area of CompTIA PenTest+ Certification Exam PT0 002.

Note: Each MCQ comes with multiple answer choices. Select the most appropriate option and test your understanding of Exploiting Network Vulnerabilities. You can click on an option to test your knowledge before viewing the solution for a MCQ. Happy learning!

Exploiting Network Vulnerabilities MCQs | Page 11 of 13

Explore more Topics under CompTIA PenTest+ Certification Exam PT0 002

01

Penetration Testing

02

Planning and Scoping Penetration Tests 🔒

03

Information Gathering 🔒

04

Vulnerability Scanning 🔒

05

Analyzing Vulnerability Scans

06

Exploiting and Pivoting 🔒

07

Exploiting Physical and Social Vulnerabilities

08

Exploiting Application Vulnerabilities 🔒

09

Attacking Hosts,Cloud Technologies and Specialized Systems 🔒

10

Reporting and Communication

11

Scripting for Penetration Testing 🔒

Q101.

How can repeating traffic or conducting a relay attack be useful for a penetration tester?

To improve Wi-Fi network security

To boost the performance of wireless IoT devices

To prevent access to a wireless device

To relay traffic over longer distances when out of range

Discuss

Answer: (d).To relay traffic over longer distances when out of range Explanation:Repeating traffic or conducting a relay attack can be useful for a penetration tester who needs access to a wireless network but cannot remain in range, allowing traffic to be relayed over longer distances.

Q102.

What may be required to gain access to a wired network in an on-site penetration test?

Setting up an evil twin

Changing a MAC address

Conducting VLAN hopping attacks

Harvesting credentials from wireless clients

Discuss

Answer: (c).Conducting VLAN hopping attacks Explanation:Gaining access to a wired network in an on-site penetration test may require bypassing network access controls (NACs) or conducting VLAN hopping attacks.

Q103.

What technique can be useful for a penetration tester to gain network access in a wireless network?

Setting up an evil twin

Changing a MAC address

Conducting VLAN hopping attacks

Harvesting credentials from wired clients

Discuss

Answer: (a).Setting up an evil twin Explanation:Setting up an evil twin or fake access point to execute on-path attacks can be useful for a penetration tester to gain network access in a wireless network.

Q104.

What is a high-value target for penetration testers once they have gained network access?

Wireless access points

Network access controls (NACs)

Credentials and related information

VLAN hopping vulnerabilities

Discuss

Answer: (c).Credentials and related information Explanation:Once penetration testers have gained network access, credentials and related information are considered high-value targets.

Q105.

What on-path attacks can penetration testers conduct via ARP spoofing?

WPS attacks

SSL stripping attacks

RFID cloning attacks

Bluetooth relay attacks

Discuss

Answer: (b).SSL stripping attacks Explanation:Via ARP spoofing, penetration testers can conduct on-path attacks like SSL stripping attacks, which can expose sensitive information.

Q106.

Why are Windows NetBIOS and SMB services popular targets for penetration testers?

Due to their use of Bluetooth

Because of their compatibility with RFID

The ability to replay stolen NTLM hashes in pass-the-hash attacks

Their resistance to denial-of-service attacks

Discuss

Answer: (c).The ability to replay stolen NTLM hashes in pass-the-hash attacks Explanation:Windows NetBIOS and SMB services are popular targets for penetration testers because stolen NTLM hashes can be replayed in pass-the-hash attacks, providing access to credentials.

Q107.

Charles wants to deploy a wireless intrusion detection system. Which of the following tools is best suited to that purpose?

WiFite

Kismet

Aircrack-ng

SnortiFi

Discuss

Answer: (b).Kismet Explanation:Kismet is specifically designed to act as a wireless IDS in addition to its other wireless packet capture features. WiFite is designed for wireless network auditing. Aircrack-ng provides a variety of attack tools in addition to its capture and injection capabilities for wireless traffic.

Q108.

Chris is conducting an on-site penetration test. The test is a gray-box test, and he is permitted on-site but has not been given access to the wired or wireless networks. He knows he needs to gain access to both to make further progress. Which of the following NAC systems would be the easiest for Chris to bypass?

A software client-based system

A DHCP proxy

A MAC address filter

None of the above

Discuss

Answer: (c).A MAC address filter Explanation:If the NAC system relies only on MAC filtering, Chris only needs to determine the hardware address of a trusted system. This may be accessible simply by looking at a label on a laptop or desktop, or he may be able to obtain it via social engineering or technical methods.

Q109.

Chris is conducting an on-site penetration test. The test is a gray-box test, and he is permitted on-site but has not been given access to the wired or wireless networks. He knows he needs to gain access to both to make further progress. If Chris wants to set up a false AP, which tool is best suited to his needs?

Aircrack-ng

Kismet

Wireshark

WiFite2

Discuss

Answer: (a).Aircrack-ng Explanation:Aircrack-ng has fake-AP functionality built in, with tools that will allow Chris to identify valid access points, clone them, disassociate a target system, and then allow on-path attacks.

Q110.

Chris is conducting an on-site penetration test. The test is a gray-box test, and he is permitted on-site but has not been given access to the wired or wireless networks. He knows he needs to gain access to both to make further progress.Once Chris has gained access to the network, what technique can he use to gather additional credentials?

ARP spoofing to allow an on-path attack

Network sniffing using Wireshark

SYN floods

All of the above

Discuss

Answer: (a).ARP spoofing to allow an on-path attack Explanation:Chris can use ARP spoofing to represent his workstation as a legitimate system that other devices are attempting to connect to. As long as his responses are faster, he will then receive traffic and can conduct on-path attacks. Network sniffing is useful after this to read traffic, but it isn't useful for most traffic on its own on a switched network. SYN floods are not useful for gaining credentials; thus, both options C and D are incorrect.

Page 11 of 13

Planning and Scoping Penetration Tests 🔒

Information Gathering 🔒

Vulnerability Scanning 🔒

Exploiting and Pivoting 🔒

Exploiting Application Vulnerabilities 🔒

Attacking Hosts,Cloud Technologies and Specialized Systems 🔒

Scripting for Penetration Testing 🔒

Welcome to the Exploiting Network Vulnerabilities MCQs Page

Exploiting Network Vulnerabilities MCQs | Page 11 of 13

Explore more Topics under CompTIA PenTest+ Certification Exam PT0 002

Penetration Testing

Analyzing Vulnerability Scans

Exploiting Physical and Social Vulnerabilities

Reporting and Communication

Suggested Topics

DBMS

HTML

Cyber Security

SQL Server

Data Structures and Algorithms

Software Engineering

Internet of Things (IoT)

Computer Hardware

Object Oriented Programming