An Nmap scan shows open ports on web servers and databases. A penetration tester decides to run WPScan and SQLmap to identify vulnerabilities and additional information about those systems.
Which of the following is the penetration tester trying to accomplish?

• A.Maintain confidentiality of the findings.
• B.Identity all the vulnerabilities in the environment.
• C.Uncover potential criminal activity based on the evidence gathered.
• D.Limit invasiveness based on scope.

Comment: *

Name: *

Email: *

Verification: *

A Chief Information Security Officer wants a penetration tester to evaluate the security awareness level of the company's employees.
Which of the following tools can help the tester achieve this goal?

• A.SET
• B.Hydra
• C.Metasploit
• D.WPScan

Comment: *

Name: *

Email: *

Verification: *

When preparing for an engagement with an enterprise organization, which of the following is one of the MOST important items to develop fully prior to beginning the penetration testing activities?

• A.Clarify the statement of work.
• B.Obtain an asset inventory from the client.
• C.Identify all third parties involved.
• D.Interview all stakeholders.

Comment: *

Name: *

Email: *

Verification: *

A penetration tester performs the following command:
curl -I -http2 https://www.comptia.org
Which of the following snippets of output will the tester MOST likely receive?

• A.Option A
• B.Option B
• C.Option C
• D.Option D

Comment: *

Name: *

Email: *

Verification: *

A penetration tester conducted a discovery scan that generated the following:

Which of the following commands generated the results above and will transform them into a list of active hosts for further analysis?

• A.nmap --open 192.168.0.1-254, uniq
• B.nmap -o 192.168.0.1-254, cut -f 2
• C.nmap -sn 192.168.0.1-254 , grep "Nmap scan" | awk '{print S5}'
• D.nmap -oG list.txt 192.168.0.1-254 , sort

Comment: *

Name: *

Email: *

Verification: *