Which logical address is used for delivery of data to a remote network? destination MAC address source MAC address destination IP address destination port number source IP address Explanation &…
Which message delivery option is used when all devices need to receive the same message simultaneously? duplex broadcast unicast multicast Explanation & Hint: When all devices need to receive the…
In computer communication, what is the purpose of message encoding? to interpret information to break large messages into smaller frames to negotiate correct timing for successful communication to convert information…
What type of communication will send a message to all devices on a local area network? multicast allcast broadcast unicast Explanation & Hint: Broadcast communication is a one-to-all communication. A…
An attacker uses John the Ripper to crack a password file. The attacker issued the ~$ john --list=formats command in Kali Linux. Which information is the attacker trying to find?…
Which statement describes the concept of Bash shell in operating systems? Bash shell is a Linux GUI. Bash shell is a command shell that supports interactive command execution only. Bash…
A company hires a professional to perform penetration testing. The tester has identified and verified that one web application is vulnerable to SQL injection and cross-site scripting attacks. Which technical…
A penetration tester runs the Nmap NSE script nmap --script smtp-open-relay.nse 10.0.0.1 command on a Kali Linux PC. What is the purpose of running this script? to compromise any snmp…
Refer to the exhibit. A penetration is being prepared to run the EternalBlue exploit using Metasploit against a target with an IP address of 10.0.0.1/8 from the source PC with…
Which two tools can create a remote connection with a compromised system? (Choose two.) Mimikatz Nmap Metasploit BloodHound Sysinternals Explanation & Hints: After a system is compromised, basic port scans…
Which three practices are commonly adopted when setting up a penetration testing lab environment? (Choose three.) use a honeypot for all tests run from the physical attack platforms create the…
Match penetration testing methodology and standard with the respective description. OSSTMM ==> This is a peer-reviewed security testing methodology maintained by the Institute for Security and Open Methodologies (ISECOM). It is…
Refer to the exhibit. The attacking system has a listener (port open), and the victim initiates a connection back to the attacking system. Which two resources can create this type…
Which two Bluetooth Low Energy (BLE) statements are true? (Choose two.) Threat actors can listen to BLE advertisements and leverage misconfigurations. BLE pairing is done by mobile apps. BLE involves…
Match the mobile device attack to the description. Spamming ==> This presents users with links to redirect them to malicious sites to steal sensitive information or install malware. Reverse engineering ==> This…
Match the mobile device security testing tool to the description. Drozer ==> This Android testing platform and framework provides access to numerous exploits that can be used to attack Android platforms.…
What is the purpose of using the smtp-user-enum -M VRFY -u snp -t 10.0.0.1 command in Kali Linux? to compromise SMTP open relay server 10.0.0.1 to verify if a certain…
Match the cloud attack to the description. Credential Harvesting ==> Act of gathering and stealing valid usernames, passwords, tokens, PINs, and any other types of credentials through infrastructure breaches Account Takeover…
A threat actor spoofed the phone number of the director of HR and called the IT help desk with a login problem. The threat actor claims to be the director…
Why should a tester use query throttling techniques when running an authorized penetration test on a live network? to reduce the number of attack threads that are being sent to…