Which of the following assessment methods is the most likely to cause harm to an ICS environment?

• A.Active scanning
• B.Ping sweep
• C.Protocol reversing
• D.Packet analysis

Comment: *

Name: *

Email: *

Verification: *

A penetration tester is working on a scoping document with a new client. The methodology the client uses includes the following:
Pre-engagement interaction (scoping and ROE)
Intelligence gathering (reconnaissance)
Threat modeling
Vulnerability analysis
Exploitation and post exploitation
Reporting
Which of the following methodologies does the client use?

• A.OWASP Web Security Testing Guide
• B.OSSTMM
• C.PTES technical guidelines
• D.NIST SP 800-115

Comment: *

Name: *

Email: *

Verification: *

A penetration tester performs the following command:
curl -I -http2 https://www.comptia.org
Which of the following snippets of output will the tester MOST likely receive?

• A.Option C
• B.Option B
• C.Option A
• D.Option D

Comment: *

Name: *

Email: *

Verification: *

Given the following code:

Which of the following data structures is systems?

• A.A tuple
• B.A tree
• C.An array
• D.A dictionary

Comment: *

Name: *

Email: *

Verification: *

A penetration tester finds a PHP script used by a web application in an unprotected internal source code repository. After reviewing the code, the tester identifies the following:

Which of the following combinations of tools would the penetration tester use to exploit this script?

• A.Burp Suite and DIRB
• B.Netcat and cURL
• C.Hydra and crunch
• D.Nmap and OWASP ZAP

Comment: *

Name: *

Email: *

Verification: *