Which of the following tools would BEST allow a penetration tester to capture wireless handshakes to reveal a Wi-Fi password from a Windows machine?

• A.Wireshark
• B.EAPHammer
• C.Kismet
• D.Aircrack-ng

Comment: *

Name: *

Email: *

Verification: *

An assessor wants to use Nmap to help map out a stateful firewall rule set. Which of the following scans will the assessor MOST likely run?

• A.nmap oG 192.168.0.1/24
• B.nmap 192.168.0.1/24
• C.nmap 192.168.0.1/24
• D.nmap 192.168.0.1/24

Comment: *

Name: *

Email: *

Verification: *

A penetration tester conducted a discovery scan that generated the following:

Which of the following commands generated the results above and will transform them into a list of active hosts for further analysis?

• A.nmap -oG list.txt 192.168.0.1-254 , sort
• B.nmap -sn 192.168.0.1-254 , grep "Nmap scan" | awk '{print S5}'
• C.nmap --open 192.168.0.1-254, uniq
• D.nmap -o 192.168.0.1-254, cut -f 2

Comment: *

Name: *

Email: *

Verification: *

A penetration tester gains access to a system and is able to migrate to a user process:

Given the output above, which of the following actions is the penetration tester performing? (Choose two.)

• A.Redirecting output from a file to a remote system
• B.Building a scheduled task for execution
• C.Mapping a share to a remote system
• D.Executing a file on the remote system
• E.Creating a new process on all domain systems
• F.Setting up a reverse shell from a remote system
• G.Adding an additional IP address on the compromised system

Comment: *

Name: *

Email: *

Verification: *

A penetration tester captured the following traffic during a web-application test:

Which of the following methods should the tester use to visualize the authorization information being transmitted?

• A.Decode the authorization header using Base64.
• B.Decrypt the authorization header using AES.
• C.Decode the authorization header using UTF-8.
• D.Decrypt the authorization header using bcrypt.

Comment: *

Name: *

Email: *

Verification: *