100%(3)3 out of 3 people found this document helpful
This preview shows page 17 - 20 out of 36 pages.
QUESTION 27Which of the following is an example of a spear phishing attack?A.Targeting an executive with an SMS attackB.Targeting a specific team with an email attackC.Targeting random users with a USB key dropD.Targeting an organization with a watering hole attackCorrect Answer:ASection: (none)ExplanationExplanation/Reference:Reference:QUESTION 28A security assessor is attempting to craft specialized XML files to test the security of the parsing functions during ingest into a Windows application. Beforebeginning to test the application, which of the following should the assessor request from the organization?Section: (none)ExplanationExplanation/Reference:QUESTION 29Which of the following CPU registers does the penetration tester need to overwrite in order to exploit a simple buffer overflow?A.Stack pointer registerB.Index pointer register- VCE Exam Simulator - Download A+ VCE (latest) free Open VCE Exams - VCE to PDF Converter - PDF Online
ExplanationExplanation/Reference:Reference:QUESTION 30During a web application assessment, a penetration tester discovers that arbitrary commands can be executed on the server. Wanting to take this attack one stepfurther, the penetration tester begins to explore ways to gain a reverse shell back to the attacking machine at 192.168.1.5. Which of the following are possibleways to do so? (Select TWO).ExplanationExplanation/Reference:References:QUESTION 31Consumer-based IoT devices are often less secure than systems built for traditional desktop computers. Which of the following BEST describes the reasoning forthis?- VCE Exam Simulator - Download A+ VCE (latest) free Open VCE Exams - VCE to PDF Converter - PDF Online