Question 6 of 400

If you want to only scan fewer ports than the default scan using Nmap tool, which option would you use?

Answer

Suggested Answer

The suggested answer is B.

If you want to scan fewer ports than the default scan using the Nmap tool, you would use the -F option. The -F flag stands for 'Fast mode' and instructs Nmap to scan fewer ports, typically focusing on the most common 100 ports, instead of the default 1000 ports. This allows for a quicker scan which can be useful when time is a critical factor or when a quick overview of the network’s most common open ports is desired.

Community Votes9 votes
BSuggested
100%
Question 7 of 400

Which of the following is the structure designed to verify and authenticate the identity of individuals within the enterprise taking part in a data exchange?

Answer

Suggested Answer

The suggested answer is D.

The correct structure designed to verify and authenticate the identity of individuals within the enterprise taking part in a data exchange is Public Key Infrastructure (PKI). PKI involves the use of digital certificates, encryption, and authentication mechanisms to ensure that the data being exchanged is secure and that the identities of the individuals involved are verified and authenticated.

Community Votes8 votes
DSuggested
100%
Question 8 of 400

You are tasked to perform a penetration test. While you are performing information gathering, you find an employee list in Google. You find the receptionist's email, and you send her an email changing the source email to her boss's email (boss@company). In this email, you ask for a pdf with information. She reads your email and sends back a pdf with links. You exchange the pdf links with your malicious links (these links contain malware) and send back the modified pdf, saying that the links don't work. She reads your email, opens the links, and her machine gets infected. You now have access to the company network. What testing method did you use?

Answer

Suggested Answer

The suggested answer is A.

The method used in the described scenario is social engineering. Social engineering involves manipulating individuals into performing actions or divulging confidential information. In this case, the attacker impersonated the receptionist's boss via email and manipulated her into opening malicious links. This technique relies not on technical vulnerabilities but on exploiting human behavior and trust, which is a classic example of social engineering.

Community Votes7 votes
ASuggested
100%
Question 9 of 400

If a tester is attempting to ping a target that exists but receives no response or a response that states the destination is unreachable, ICMP may be disabled and the network may be using TCP. Which other option could the tester use to get a response from a host using TCP?

Answer

Suggested Answer

The suggested answer is C.

If a tester is trying to get a response from a host using TCP and ICMP is disabled, the most appropriate tool would be TCP ping. TCP ping is designed specifically to check the reachability of a host by attempting to connect to a specified TCP port, which aligns perfectly with the requirement to use TCP instead of ICMP. While tools like Hping can also be used to craft and send TCP packets, TCP ping is a straightforward tool explicitly designed for exactly this purpose.

Community Votes4 votes
BMost voted
100%
Question 10 of 400

Which is the first step followed by Vulnerability Scanners for scanning a network?

Answer

Suggested Answer

The suggested answer is D.

In the context of vulnerability scanning, the first step is often to determine if the target or remote host is alive. This is crucial because there is no point in proceeding with further scanning activities like OS detection, firewall detection, or port scanning if the host is not active or does not respond. This initial step ensures that subsequent scans are only performed on hosts that are reachable and operational.

Community Votes3 votes
DSuggested
100%