A penetration tester notices that the X-Frame-Options


Question: 26
A penetration tester notices that the X-Frame-Options header on a web application is not set. Which of the following would a malicious actor do to exploit this configuration setting?
A. Use path modification to escape the application's framework.
B. Create a frame that overlays the application.
C. Inject a malicious iframe containing JavaScript.
D. Pass an iframe attribute that is malicious.
Answer: C
Question: 27
Questions & Answers PDF P-19
A penetration tester is required to perform OSINT on staff at a target company after completing the infrastructure aspect. Which of the following would be the BEST step for the penetration tester to take?
Question: 28
A security consultant found a SCADA device in one of the VLANs in scope. Which of the following actions would BEST create a potentially destructive outcome against the device?
Question: 29
An email sent from the Chief Executive Officer (CEO) to the Chief Financial Officer (CFO) states a wire transfer is needed to pay a new vendor. Neither is aware of the vendor, and the CEO denies ever sending the email. Which of the following types of motivation was used in this attack?
Question: 30
A recently concluded penetration test revealed that a legacy web application is vulnerable to SQL injection. Research indicates that completely remediating the vulnerability would require an architectural change, and the stakeholders are not in a position to risk the availability of the application. Under such circumstances, which of the following controls are low-effort, short-term solutions to minimize the SQL injection risk? (Select TWO).
A. Identify and eliminate inline SQL statements from the code.
B. Identify and eliminate dynamic SQL from stored procedures.
C. Identify and sanitize all user inputs.
D. Use a whitelist approach for SQL statements.
E. Use a blacklist approach for SQL statements.
F. Identify the source of malicious input and block the IP address.
Answer: C,D
