PT0-002 Questions Bank

Page: 13 / 32

Question 52

A penetration tester captures SMB network traffic and discovers that users are mistyping the name of a fileshare server. This causes the workstations to send out requests attempting to resolve the fileshare server's name. Which of the following is the best way for a penetration tester to exploit this situation?

Options:

Relay the traffic to the real file server and steal documents as they pass through.

Host a malicious file to compromise the workstation.

Reply to the broadcasts with a fake IP address to deny access to the real file server.

Respond to the requests with the tester's IP address and steal authentication credentials.

Question 53

Options:

To identify potential risks and threats during testing

To define the boundaries and objectives

To ensure that all vulnerabilities are identified and addressed

To validate the project timeline and resource allocations

Question 54

A security engineer is trying to bypass a network IPS that isolates the source when the scan exceeds 100 packets per minute. The scope of the scan is to identify web servers in the 10.0.0.0/16 subnet.

Which of the following commands should the engineer use to achieve the objective in the least amount of time?

Options:

nmap -T3 -p 80 10.0.0.0/16 -- max-hostgroup 100

nmap -TO -p 80 10.0.0.0/16

nmap -T4 -p 80 10.0.0.0/16 -- max-rate 60

nmap -T5 -p 80 10.0.0.0/16 -- min-rate 80

Question 55

A penetration tester is trying to bypass an active response tool that blocks IP addresses that have more than 100 connections per minute. Which of the following commands would allow the tester to finish the test without being blocked?