Your team has won a contract to infiltrate an organization. The company wants to have the attack be as
realistic as possible; therefore, they did not provide any information besides the company name. What
should be the first step in security testing the client?

• A.Reconnaissance
• B.Enumeration
• C.Escalation
• D.Scanning

Comment: *

Name: *

Email: *

Verification: *

Perspective clients want to see sample reports from previous penetration tests.
What should you do next?

• A.Decline but, provide references.
• B.Share full reports, not redacted.
• C.Share full reports with redactions.
• D.Share reports, after NDA is signed.

Comment: *

Name: *

Email: *

Verification: *

Seth is starting a penetration test from inside the network. He hasn't been given any information about the network. What type of test is he conducting?

• A.External, Blackbox
• B.Internal Whitebox
• C.External, Whitebox
• D.Internal, Blackbox

Comment: *

Name: *

Email: *

Verification: *

What is the correct PCAP filter to capture all TCP traffic going to or from host 192.168.0.125 on port 25?

• A.tcp.src == 25 and ip.host == 192.168.0.125
• B.tcp.port == 25 and ip.host == 192.168.0.125
• C.port 25 and host 192.168.0.125
• D.host 192.168.0.125:25

Comment: *

Name: *

Email: *

Verification: *

Which of the following is designed to identify malicious attempts to penetrate systems?

• A.Intrusion Detection System
• B.Firewall
• C.Proxy
• D.Router

Comment: *

Name: *

Email: *

Verification: *