After performing a security assessment for a firm the


39. After performing a security assessment for a firm, the client was found to have been billed for the time the client's test environment was unavailable. The client claims to have been billed unfairly. Which of the following documents would MOST likely be able to provide guidance in such a situation?
A. SOW
B. NDA
C. EULA
D. BPA
Answer: A
40. During an internal network penetration test, a tester recovers the NTLM password hash for a user known to have full administrator privileges on a number of target systems. Efforts to crack the hash and recover the plaintext password have been unsuccessful. Which of the following would be the BEST target for continued exploitation efforts?
41. A client requests that a penetration tester emulate a help desk technician who was recently laid off. Which of the following BEST describes the abilities of the threat actor?
42. Which of the following types of physical security attacks does a mantrap mitigate?
43. A penetration tester wants to check manually if a "ghost" vulnerability exists in a system. Which of the following methods is the correct way to validate the vulnerability?
A. Download the GHOST file to a Linux system and compile gcc -o GHOST test i: ./GHOST
B. Download the GHOST file to a Windows system and compile gcc -o GHOST GHOST.c test i: ./GHOST
C. Download the GHOST file to a Linux system and compile gcc -o GHOST.c test i: ./GHOST
D. Download the GHOST file to a Windows system and compile gcc -o GHOST test i: ./GHOST
Answer: B
44. For which of the following reasons does a penetration tester need to have a customer's point-of-contact information available at all times? (Select THREE).
