You have compromised a Windows workstation using Metasploit and have injected the Meterpreter payload into the svchost process. After modifying some files to set up a persistent backdoor you realize that you will need to change the modified and access times of the files to ensure that the administrator can't see the changes you made. Which Meterpreter module would you need to load in order to do this?
A. Core
B. Priv
C. Stdapi
D. Browser
You have been contracted to perform a black box pen test against the Internet facing servers for a company. They want to know, with a high level of confidence, if their servers are vulnerable to external attacks. Your contract states that you can use all tools available to you to pen test the systems. What course of action would you use to generate a report with the lowest false positive rate?
A. Use a port scanner to find open service ports and generate a report listing allvulnerabilities associated with those listening services.
B. Use a vulnerability or port scanner to find listening services and then try to exploitthose services.
C. Use a vulnerability scanner to generate a report of vulnerable services.
D. Log into the system and record the patch levels of each service then generate areport that lists known vulnerabilities for all the running services.
In the screen shot below, which selections would you need click in order to intercept and alter all http traffic passing through OWASP ZAP?
A. Trap response and continue
B. Set Break and Continue
C. Trap request and continue
D. Continue and drop
While performing an assessment on a banking site, you discover the following link:
hnps://mybank.com/xfer.aspMer_toMaccount_number]andamount-[dollars]
Assuming authenticated banking users can be lured to your web site, which crafted html tag may be used to launch a XSRF attack?
A.
B.
C.
D.
You are performing a vulnerability assessment using Nessus and your clients printers begin printing pages of random text and showing error messages. The client is not happy with the situation. What is the best way to proceed?
A. Enable the "Skip all primers" option and re-scan
B. Ensure Safe Checks is enabled in Nessus scan policies
C. Remove primer IP addresses from your target list
D. Verify primers are in scope and tell the client In progress scans cannot be stopped
The employees of EWS Inc. require remote access to the company's Web servers. In order to provide solid wireless security, the company uses EAP-TLS as the authentication protocol. Which of the following statements are true about EAPTLS?
Each correct answer represents a complete solution. Choose all that apply.
A. It provides a moderate level of security.
B. It uses password hash for client authentication.
C. It uses a public key certificate for server authentication.
D. It is supported by all manufacturers of wireless LAN hardware and software.
Which of the following tools can be used to automate the MITM attack?
A. Hotspotter
B. Airjack
C. Kismet
D. IKECrack
Which of the following techniques are NOT used to perform active OS fingerprinting? Each correct answer represents a complete solution. Choose all that apply.
A. ICMP error message quoting
B. Analyzing email headers
C. Sniffing and analyzing packets
D. Sending FIN packets to open ports on the remote system
Which of the following ports is used for NetBIOS null sessions?
A. 130
B. 139
C. 143
D. 131