A security consultant is trying to attack a device

This preview shows page 11 - 12 out of 12 pages.

A security consultant is trying to attack a device with a previous identified user account. Which of the following types of attacks is being executed? A. Credential dump attack B. DLL injection attack C. Reverse shell attack D. Pass the hash attack Answer: D
Question: 8 The following command is run on a Linux file system: Chmod 4111 /usr/bin/sudo Which of the following issues may be exploited now?
Question: 9 A client is asking a penetration tester to evaluate a new web application for availability. Which of the following types of attacks should the tester use?
Questions & Answers PDF Page 12 B. SQL injection C. xss D. XMAS scan Answer: A Question: 10 During a penetration test, a tester runs a phishing campaign and receives a shell from an internal PC running Windows 10 OS. The tester wants to perform credential harvesting with Mimikazt. Which of the following registry changes would allow for credential caching in memory?

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture