A penetration tester is contracted to attack an oil rig network to look for vulnerabilities. While conducting the assessment, the support organization of the rig reported issues connecting to corporate applications and upstream services for data acquisitions. Which of the following is the MOST likely culprit?
Which of the following tools would be BEST suited to perform a manual web application security assessment? (Choose two.)
A penetration tester examines a web-based shopping catalog and discovers the following URL when viewing a product in the catalog:
The penetration tester alters the URL in the browser to the following and notices a delay when the page refreshes:
DELAY '00:00:05'
Which of the following should the penetration tester attempt NEXT?
A penetration tester was hired to perform a physical security assessment of an organization's office. After monitoring the environment for a few hours, the penetration tester notices that some employees go to lunch in a restaurant nearby and leave their belongings unattended on the table while getting food. Which of the following techniques would MOST likely be used to get legitimate access into the organization's building without raising too many alerts?
TESTED 22 Jan 2025
