CompTIA Pentest+ for Dummies Chapter 8 Prep Test Flashcards

1
Q

You are authorized to perform a pentest for an organization.
You have exploited one of the target systems and wish to discover other systems on the network.
What meterpreter command would you use?
(A) run post/windows/gather/hashdump
(B) run arp_scanner
(C) sysinfo
(D) run killav

A

(B) run arp_scanner

Explanation:
You can use the run arp_scanner command and include the IP range as a parameter to detect other systems that exist on the same network as the target.

2
Q
You exploited a Windows system and wish to record the keystrokes of the victim. What must you do before you can start recording keystrokes?
(A) Kill antivirus software
(B) Obtain a shell 
(C) Enable the webcam 
(D) Migrate to the explorer.exe process
A

(D) Migrate to the explorer.exe process

Explanation:
Before you can record keystrokes from a meterpreter session, you must first attach to explorer.exe using the migrate command.

3
Q
You are a penetration tester and have gained access to a remote system using a meterpreter payload. A few days later you attempt to exploit the system again and are unable to. Which of the following represents the best reason why?
(A) The system has been patched
(B) Meterpreter is out of date
(C) The system no longer exists
(D) The network IP range changed
A

(A) The system has been patched

Explanation:
The reason the exploit worked the first time is because there was a vulnerability on the system.

It is likely the admin patched the system to remove the vulnerability, which is why you cannot exploit the system again using the same technique.

This is why you want to create a backdoor after exploiting the system.

4
Q
What command do you need to use to specify that you wish to obtain a meterpreter session when the exploit is executed?
(A) set payload 
(B) msfconsole 
(C) use exploit
(D) hashdump
A

(A) set payload

Explanation:
You would set the payload of the exploit you are using to a meterpreter payload.

The payload is the type of attack being performed.

5
Q

You wish to perform a port scan after obtaining a meterpreter session on a target system. You placed the meterpreter session in the background and added a route to the meterpreter session for the target network. What command would allow you to set up a port scan?
(A) use auxiliary/tcp
(B) use exploit
(C) net user
(D) use auxiliary/scanner/portscan/tcp

A

(D) use auxiliary/scanner/portscan/tcp

Explanation:
You can use the portscan auxiliary module to perform a port scan on the network and identify services running on other systems. 

The goal is to then try to exploit these systems in order to move laterally across the network.

6
Q
You wish to maintain access to the system after you have exploited it. What could you do to maintain access? (Choose two.) 
(A) Truncate the logs 
(B) Create an administrative account 
(C) Capture keystrokes
(D) Run a daemon
A

(B) Create an administrative account
(D) Run a daemon

Explanation:
You can maintain access to a system, also known as persistence, by creating a backdoor on the system in the form of a user account or a service (or daemon) running in the background.

7
Q
You wish to cover your tracks by clearing the logs on a Linux system. What command would you use? 
(A) truncate -s 0 logfile 
(B) clearlog logfile 
(C) dellog logfile 
(D) purgelog logfile
A

(A) truncate -s 0 logfile

Explanation:
You can use the truncate command in Linux to delete content from a log file.

8
Q
You are trying to capture the keystrokes from a meterpreter session. You migrated to explorer.exe and have run the keyscan_start command, but keystrokes do not appear. What should you do?
(A) keyscan_stop
(B) keyscan_dump
(C) migrate explorer.exe
(D) keyscan_print
A

(B) keyscan_dump

Explanation:
To view the keystrokes that were captured, you need to run the ‘keyscan_dump’ command.

9
Q

You wish to make a call on a remote system and run a command prompt on that system. What command would you use?
(A) start
(B) runas
(C) psexec
(D) whoami

A

(C) psexec

Explanation:
PSExec is a command that allows you to make a remote call to a system and execute a program on that system.

10
Q
You jumped out of your meterpreter session to do a port scan. What command would you use to view the list of meterpreter sessions? 
(A) listsession 
(B) show-sessions 
(C) sessions 
(D) displaysessions
A

(C) sessions

Explanation:
To display a list of meterpreter sessions on your Kali system, you can use the sessions command.
