Michael Solomon CompTIA Pentest+ Quiz 4 Flashcards

1
Q
Which nmap option will disable the ping step for each target and assume that all targets are alive? 
A.-sn
B.-sP
C.-xP
D.-Pn
A

D.-Pn

The -Pn option of nmap disables host discovery and conducts port scanning only. The opposite option is -sn, which disables port scanning and only conducts host discovery. The -sP and -xP options are not valid nmap options.

2
Q
Instead of specifying multiple nmap targets at the command line, you can list desired targets in a text file and have nmap use that target listing file. Which nmap command would use the ‘targets.txt’ file as input?
A.nmap -sV -O << targets.txt
B.nmap -sS -O -iL targets.txt
C.nmap -A -iT targets.txt
D.nmap -T4 targets.txt
A

B.nmap -sS -O -iL targets.txt

The -iL option of nmap tells the utility to read the target list from the supplied file. The correct answer is nmap -sS -O -iL targets.txt. All other nmap commands are incorrect.

3
Q
If you plan to use Linux utilities to search through nmap output and import the output into an application that expects XML, which nmap option would provide the types of output you’ll need? 
A.-oG
B.-oA
C.-oN
D.-oX
A

B.-oA

Since you will need both XML and output with which you can use the grep utility, the combined output option, -oA, is the correct answer. The -oX option only produces XML output, the -oG option only produces greppable output, and the -oN option only produces normal output.

4
Q
Which penetration testing tool provides the ability to develop and execute exploit code against specific targets?  
A.Metasploit framework
B.Burp Suite
C.Wireshark
D.nmap
A

A.Metasploit framework

The Metasploit framework allows penetration testers to develop and execute exploit code against multiple targets. The other tools listed are helpful in collecting information and setting up attacks, but only the Metasploit framework satisfies the complete question.

5
Q

What does the following command do?

Logged in on 10.10.1.10:

root@10.10.1.10:~# nc -lvp 4444 -e /bin/bash

Logged in on 10.10.1.12:

root@10.10.1.12:~# nc 10.10.1.10 4444
A.Sets up a bind shell on victim computer at 10.10.1.12
B.Sets up a reverse shell on victim computer at 10.10.1.10
C.Sets up a bind shell on victim computer at 10.10.1.10
D.Sets up a reverse shell on victim computer at 10.10.1.12

A

C.Sets up a bind shell on victim computer at 10.10.1.10

The commands provided set up a bind shell on the victim computer at 10.10.1.10. Since the shell is executed at 10.10.1.10 and accessed remotely from the attacker computer, this is a bind shell. If the shell was run on the attacker computer and accessed remotely from the victim computer, you would be setting up a reverse shell.

6
Q
Which tool would be most useful for setting up a proxy connection between a client and a server?
A.Burp Suite
B.Wireshark
C.Impacket
D.BeEF
A

A.Burp Suite

Burp Suite provides the ability to easily set up a proxy connection between clients and one or more hosts. This tool gives pen testers the ability to intercept, and even change, network packets as they travel between clients and servers. BeEF is a framework for exploiting web browsers, Impacket is a Python library for working with network traffic, and Wireshark is a network protocol analyzer.

7
Q

The following script excerpt is written in what language?

number = -10
if number > 0
    puts "#{number} is greater than 2"
else
    puts "#{number} is negative"
end
A.PowerShell
B.Bash
C.Python
D.Ruby
A

D.Ruby

Ruby uses the “puts” command to write output to the terminal. Also, the way in which variable values are accessed, “#{number}”, shows that this is Ruby syntax.

8
Q

The following script excerpt is written in what language?

number=-10
if [ $number -gt 0 ]
then
    echo $number is bigger than zero
else
    echo $number is negative
fi
A.PowerShell
B.Ruby
C.Python
D.Bash
A

D.Bash

The “echo” command, along with the syntax of the if statement “if [ $number -gt 0 ]” and block end, “fi”, show that this is bash shell script syntax.

9
Q

The following script excerpt is written in what language?

number = -10
if number > 0:
    print('%d is bigger than zero' % number)
else:
    print('%d is negative' % number)
A.Python
B.Ruby
C.PowerShell
D.Bash
A

A.Python

The colon “:” at the end of the “if” block, the lack of any keyword to end a block, and the use of the “print()” statement show that this code is Python syntax.

10
Q

The following script excerpt is written in what language?

$Number = -10
If ($Number -gt 0) {"$Number is bigger than zero"}
elseIf ($Number -lt 0) {"$Number is negative"}
A.Ruby
B.PowerShell
C.Bash
D.Python
A

B.PowerShell

The variable name prefix of “$” and the use of “elseif” show that this is PowerShell syntax.
