100%(5)5 out of 5 people found this document helpful
This preview shows page 44 - 47 out of 61 pages.
ReferenceQuestion: 98A penetration tester has gained access to a marketing employee's device. The penetration testerwants toensure that if the access is discovered, control of the device can be regained. Which of the followingactionsshould the penetration tester use to maintain persistence to the device? (Select TWO.)A. Place an entry in HKLM\Software\Microsoft\CurrentVersion\Run to call au57d.ps1.B. Place an entry in C:\windows\system32\drivers\etc\hosts for 188.8.131.52 badcomptia.com.C. Place a script in C:\users\%username\local\appdata\roaming\temp\au57d.ps1.D. Create a fake service in Windows called RTAudio to execute manually.E. Place an entry for RTAudio in HKLM\CurrentControlSet\Services\RTAudio.F. Create a schedule task to call C:\windows\system32\drivers\etc\hosts.Answer: ACQuestion: 99Which of the following tools is used to perform a credential brute force attack?
Questions & Answers PDFP-45Question: 100A penetration tester has performed a security assessment for a startup firm. The report lists a total oftenvulnerabilities, with five identified as critical. The client does not have the resources to immediatelyremediateall vulnerabilities. Under such circumstances, which of the following would be the BEST suggestionfor the client?Question: 101A security consultant receives a document outlining the scope of an upcoming penetration test. Thisdocumentcontains IP addresses and times that each can be scanned. Which of the following would contain thisinformation?