GPEN Exam QuestionsBrowse all questions from this exam
Go to Exam

GPEN Exam - Question 14

A junior penetration tester at your firm is using a non-transparent proxy for the first time to test a web server. He sees the web site In his browser but nothing shows up In the proxy. He tells you that he just installed the non-transparent proxy on his computer and didn't change any defaults. After verifying the proxy is running, you ask him to open up his browser configuration, as shown in the figure, which of the following recommendations will correctly allow him to use the transparent proxy with his browser?

Show Answer
Correct Answer: A

The junior penetration tester can see the website in his browser but nothing shows up in the proxy because the port might not be correctly configured. The non-transparent proxy, also known as an explicit proxy, requires the browser to be configured to send traffic to the proxy's port. The default value shown in the HTTP proxy port field is 80, which is typically reserved for HTTP traffic and may not be the port the non-transparent proxy is listening on. To correctly use the non-transparent proxy with his browser, he should change the port value to match the port used by the non-transparent proxy.

Discussion

3 comments
Sign in to comment
devnullOption: A
Feb 20, 2022

I think A is right. Since he is specifying localhost as the proxy address, he should get the same result as specifying 127.0.0.1. Therefore, I think C is inappropriate.

Anonymous
Sep 4, 2024

These kinds of questions are not asked in the current exam. Please update the question book as soon as possible.

7a9cfefOption: A
Mar 12, 2025

A. He should change the PORT: value to match the port used by the non-transparent proxy. Correct: The non-transparent proxy works by intercepting the traffic between the browser and the internet. For the proxy to function correctly, the browser needs to know which port the proxy is running on. If the default port was not configured or is different from what the proxy is using, the browser won't send traffic through it. The tester should ensure the browser is configured to connect to the correct proxy port. @kou did you take the exam recently in the last 6 months?