A penetration tester completed a vulnerability scan against a web server and identified a single but severe vulnerability.
Which of the following is the BEST way to ensure this is a true positive?

• A.Look for the vulnerability online.
• B.Run another scanner to compare.
• C.Perform a manual test on the server.
• D.Check the results on the scanner.

Comment: *

Name: *

Email: *

Verification: *

In the process of active service enumeration, a penetration tester identifies an SMTP daemon running on one of the target company's servers. Which of the following actions would BEST enable the tester to perform phishing in a later stage of the assessment?

• A.Check for an open relay configuration.
• B.Test for RFC-defined protocol conformance.
• C.Perform a reverse DNS query and match to the service banner.
• D.Attempt to brute force authentication to the service.

Comment: *

Name: *

Email: *

Verification: *

A penetration tester found the following valid URL while doing a manual assessment of a web application: http://www.example.com/product.php?id=123987.
Which of the following automated tools would be best to use NEXT to try to identify a vulnerability in this URL?

• A.Nikto
• B.DirBuster
• C.SQLmap
• D.Nessus

Comment: *

Name: *

Email: *

Verification: *

A red team gained access to the internal network of a client during an engagement and used the Responder tool to capture important dat
a. Which of the following was captured by the testing team?

• A.User hashes sent over SMB
• B.IP addresses
• C.Encrypted file transfers
• D.Multiple handshakes

Comment: *

Name: *

Email: *

Verification: *

Which of the following tools provides Python classes for interacting with network protocols?

• A.PowerSploit
• B.Impacket
• C.Responder
• D.Empire

Comment: *

Name: *

Email: *

Verification: *