CIS 213 Pentesting

The Payment Card Industry Data Security Standard is divided into how many requirements? a. 6 b. 10 c. 12 d. 5

c. 12

In order to promote a server to domain controller status, what services must be installed in addition to Active Directory Domain Services (ADDS)? a. Hyper-V Hypervisor b. DHCP Server c. File Server d. DNS Server

d. DNS Server

The cyber kill chain is a seven-step process describing the normal process of cyber attacks. Which step is described as "Intruder transmits weapon to target"? a. Weaponization b. Exploitation c. Installation d. Delivery

d. Delivery

SSL and TLS certificates provide additional security for an information system. It increases security by providing which of the following protections? a. Error checking b. Validation of data c. User identification d. Encryption

d. Encryption

The cyber kill chain from Lockheed Martin includes seven stages. Malware has been planted on the network and is now infecting the company assets. Which stage number does this installation occur in? a. Stage 5 b. Stage 3 c. Stage 2 d. Stage 4

a. Stage 5

When configuring an email server for the penetration testing lab, you must configure several services for the transfer of email to and from the domain. Which service is used to forward email to its destination? a. SNMP b. IMAP c. POP d. SMTP

d. SMTP

Rosco is working for a government agency. After finding out a colleague is engaged in espionage, Rosco uncovers that the employee is sending the intel to another competing organization. The employee is using their own vacation pictures to hide the intel reports. Which tool below is likely being used by Rosco's colleague? a. Steghide b. StagHorse c. Snow d. TinEye

a. Steghide

The ROE is defined as the dos and don'ts of pen testing. Some of the items specified include which of the following? a. Targets and method of tests to be performed b. Description of the services to be performed c. Disclosure of test results to the public d. Defines the client and service provider

a. Targets and method of tests to be performed

Ophelia is using NMAP and Nessus to scan SpearTrax Inc.'s webservers. By doing so, she can collect information about the operating system and services running on the system. This is an example of what type of reconnaissance? a. Active b. Passive c. Enumeration d. Public

a. Active

Which tool would allow a pen-tester to sniff details from a wireless network, including the potential to crack the network key? a. Aircrack-ng b. Netcat c. Recon-ng d. BeEF

a. Aircrack-ng

The cyber kill chain describes the need for an intruder to maintain access to the target. This activity can be ensured by installation of which of the following items? a. Backdoor b. Virus c. Worm d. Ransomware

a. Backdoor

Compliance requires an organization to conform to all the following that pertain to the company's business area except for what? a. Best practices b. Regulations c. Laws d. Policies

a. Best practices

Octavious was hired to complete a vulnerability assessment of a web server. He completed his vulnerability scan of Web Enterprises and has identified a serious and critical vulnerability on the server. A published exploit is available. What should Octavious do next? a. Document and report the vulnerability to Web Enterprises b. Scan the remaining servers to ensure they are vulnerable also c. Research the vulnerability and correct the vulnerability if a solution exists d. Attempt to use the exploit on the system to verify the vulnerability

a. Document and report the vulnerability to Web Enterprises

The GDPR requires an organization to meet several requirements as part of the regulation. One of these requirements is to establish a Data Protection Officer. This person's primary responsibility under GDPR is to do what? a. Ensure an organization is complying with GDPR laws b. Completes incident reports for IT security incidents c. Configures encryption of credit card terminals and systems d. Ensures all personal data is scrubbed from systems

a. Ensure an organization is complying with GDPR laws

Which term ensures the organizational activities are aligned to support the organization's business goals? a. Governance b. Compliance c. Scoping d. Risk

a. Governance

Scott and Cocoa are discussing their Axigen email server configuration for their lab. Scott mentions that users are receiving a huge amount of spam email. Cocoa responds that they should enable a spam setting that will temporarily block emails from unknown senders. Which setting should be turned on in Axigen? a. Greylisting b. Blacklisting c. SpamGuard d. Rejectguard

a. Greylisting

During which stage of the pen-test process does an individual perform active and passive reconnaissance of the target? a. Information gathering and vulnerability scanning b. Reporting and communicating results c. Attacking and exploiting d. Planning and scoping

a. Information gathering and vulnerability scanning

Which of the following provides a penetration testing virtual machine to test your skillset against? Choose the best answer. a. Metasploitable 2 b. DVWA c. Kali Linux d. Nessus

a. Metasploitable 2

When configuring a virtual machine, you set the network adapter to NAT. Why could this be bad and how does this differ from Host Only mode? a. NAT allows the VM to directly communicate with the LAN that the Host machine is connected to. This could allow attacks within the virtual environment to leak into the physical network. b. Host Only allows the VM to communicate with the host machine, but the host machine cannot communicate with the guest VM. This prevents updates from being able to occur on the host machine. c. NAT and Host Only both allow for communication to the LAN but in NAT mode, each VM is given their own unique IP from the host machine's LAN-connected DHCP server. This can cause confusion as to what system has which IP address. d. Host Only mode gives each system the same IP address from the physical LAN the host system is connected to and does not pose any additional risk.

a. NAT allows the VM to directly communicate with the LAN that the Host machine is connected to. This could allow attacks within the virtual environment to leak into the physical network.

Published in 2014 by the US government, this framework describes the five functions of a cybersecurity program: identify, protect, detect, respond, and recover. What framework is being described here? a. NIST Cybersecurity Framework b. MITRE ATT&CK Framework c. CISA Cybersecurity Framework d. EU Agency for Cybersecurity National Capabilities Assessment Framework

a. NIST Cybersecurity Framework

Balthazar has found contact information including names, email addresses, and phone numbers of employees of the RX Seven organization. As a member of the penetration testing team, he records this information for use in a social engineering attack against the employees during the test. Which step of the cyber kill chain has Balthazar just completed? a. Reconnaissance b. Command and control c. Weaponization d. Delivery

a. Reconnaissance

During which stage of the pen-test process does the cleanup of the targeted systems and network occur? a. Reporting and communicating results b. Information gathering and vulnerability scanning c. Planning and scoping d. Attacking and exploiting

a. Reporting and communicating results

Adrian has just located a target during the scanning that is not within the scope of operations or approved in the ROE. What should Adrian do next to scan the new target? a. Seek permission from the client to include the new target in a revised ROE. b. Scan the target using Nessus to document existing vulnerabilities. c. Document the new target in their report. d. Scan the system for its MAC address and look the system up using ARP.

a. Seek permission from the client to include the new target in a revised ROE.

A virtualization platform is used to accomplish what? a. To simulate a hardware device with an installed operating system b. To overwrite the OS of the system and experiment with something new c. To simulate an environment that allows the user to see the hardware d. To insert software glitches and allow a user to fix the problem

a. To simulate a hardware device with an installed operating system

The ROE will specify which of the following during the scope process? a. Who will receive the report after the test is complete b. The cost of the testing being performed c. The insurance policy and amounts of coverage d. The tool that will be used against the network

a. Who will receive the report after the test is complete

Novelie is working with Livia to monitor network traffic for the wireless network. Livia suggests using tcpdump, but Novelie prefers a GUI interface for monitoring. Which tool would allow them to visually view the live network traffic as it is captured? a. Wireshark b. Reaver c. SCAP d. Nessus

a. Wireshark

Xian needs to look up the DNS information of a Linux webserver by manually entering a command. Which command would he utilize? a. nslookup b. ipconfig c. IP addr d. dig

a. nslookup

Charlie wants to scrape a domain for useful contact information for SpearTrax Inc. Their domain address is speartrax.com. Which of the below commands could be used to accomplish this task? a. theharvester -d speartrax.com b. dig speartrax.com -email c. enum speartrax.com -l 500 d. nslookup speartrax.com

a. theharvester -d speartrax.com

Chad wants to see the pathway a packet may take to get to its destination. Which command will allow Chad to view these details? a. tracert b. hoptrace c. nslookup d. ping

a. tracert

Florence is searching the Internet for information about SpearTrax Inc. She has found lots of personnel information including emails and phone numbers. This is an example of what type of reconnaissance? a. Active b. Passive c. Public d. Enumeration

b. Passive

SpearTrax Inc. has decided to include their own IT department in the pen-testing preparation process. Which color is the appropriate label for these personnel? a. White b. Blue c. Purple d. Red

b. Blue

During a pen-test, Jason is utilizing a password cracker. To speed the process up, Jason wants to use a tool to generate a word list that he can then use with John the Ripper. Which tool would be able to perform such action? a. Patator b. CeWL c. Mimikatz d. Hydra

b. CeWL

Disclosure of sensitive data and making it available to unauthorized entities can bring undesired publicity and liability to a company. Disclosure attempts to destroy which property of the CIA triad? a. Integrity b. Confidentiality c. Availability d. Intelligence

b. Confidentiality

Disrupting communications of company data to an attacker is a defensive action that could be used to decrease the amount of damage caused by an attack. By doing so, which portion of the CIA triad is the company trying to protect most? a. Integrity b. Confidentiality c. Intrusion d. Availability

b. Confidentiality

Darren attempts an internal pen-test for his organization and finds that he cannot view certain network devices due to a permission violation. Darren changes his group membership and now finds he can access the entire network, including the finance server. He then decides to copy several files from the finance server. What should Darren have done in this situation to avoid a potential issue or trouble? a. Darren should have taken a finance course. b. Darren should have reported the permission issue. c. Darren should report the files he copied. d. Darren should not be in trouble since this is a pen-test.

b. Darren should have reported the permission issue.

Which of the following is not suggested by the PCI DSS testing guidelines? a. Conduct annual pen test from internal and external locations. b. Delete cardholder data immediately. c. Utilize antivirus software. d. Restrict access to systems.

b. Delete cardholder data immediately.

Gathering and recording detailed information about your target is best described as which of the following terms? a. Active reconnaissance b. Enumeration c. Public source reconnaissance d. Passive reconnaissance

b. Enumeration

To install an operating system in a virtual machine you must load the OS using an image of the optical installation disk (CD/DVD/Bluray). This is because there is not a physical optical disk drive on a virtual system. This file type uses which of the following file extensions? a. DMG b. ISO c. EXT d. IMG

b. ISO

The CIA triad includes all the following except? a. Confidentiality b. Intelligence c. Integrity d. Availability

b. Intelligence

Providing details of threat activities, techniques, and models is the purpose of which of the following frameworks? a. CISA Cybersecurity Framework b. MITRE ATT&CK Framework c. NIST Cybersecurity Framework d. EU Agency for Cybersecurity National Capabilities Assessment Framework

b. MITRE ATT&CK Framework

The GDPR requires an organization to meet several requirements as part of the regulation. One of these requirements includes the organization's data collection practices. This includes notifying the consumer how the data is collected and used by the organization. This ensures the customer can do what regarding their own data? a. Ensure the physical security of the data servers b. Modify what data is collected and shared c. Protect the data exchange process with third parties d. Change the encryption key of their data

b. Modify what data is collected and shared

A black box test means that a pen tester has been provided what information about the targets and network? a. Something about the target like an IP address b. Nothing about the target c. Only the first target d. Everything about the target

b. Nothing about the target

Which framework or methodology provides an online community of documentation and tools for testing applications that were developed for the web? a. NIST CSF b. OWASP c. OSSTMM d. MAST

b. OWASP

A pen testing methodology developed by a team of information security experts which provides a uniform set of requirements and steps that all testers should follow describes what methodology? a. NIST CSF b. PTES c. OSSTMM d. CISA CSF

b. PTES

Which document establishes the actual work to be completed by a pen tester for a client? a. NDA b. SOW c. SLA d. MSA

b. SOW

Understanding the complex compliance requirements of an organization, and testing that those requirements are met and maintained during a pen test can be difficult. The compliance standard that was defined to protect investors from fraudulent financial practices is which of the following? a. Gramm-Leach-Bliley Act (GLBA) b. Sarbanes-Oxley (SOX) Act c. Financial Industry Regulatory Authority (FINRA) d. Health Insurance Portability and Accountability Act (HIPAA)

b. Sarbanes-Oxley (SOX) Act

Domain controllers are best described as what? a. Servers used as file servers for important company documents. b. Specialized servers to manage an enterprise network and handle identity security requests. They have unique attack vectors and vulnerabilities because of the various services they offer. c. Servers that offer various services such as NTP, FTP, and DHCP for client machines. d. Servers that manage all security policies for the enterprise network including the firewall ACLs.

b. Specialized servers to manage an enterprise network and handle identity security requests. They have unique attack vectors and vulnerabilities because of the various services they offer.

A statement of work document contains five core elements. These include the services and metrics used to measure that expectations are met. Also included are the responsibilities of each party and actions if those expectations and services are not met. The final element outlines certain authorizations by the client and what other entities? a. Regulatory authorities b. Third-party service providers c. Consumers of the client d. Employees of the company

b. Third-party service providers

The definition of a penetration tester has changed over time, now including both physical on-site testing as well as remote testing of an organization. A penetration tester may be asked to complete a background check as part of their employment process. Which of the following best describes the purpose of the background check? a. To verify certifications b. To ensure the tester does not have a criminal record c. To ensure the tester went to school d. To verify where the tester lives

b. To ensure the tester does not have a criminal record

To execute the keyboard combination CTRL+ALT+DELETE in VirtualBox a user will need to do what first? a. Press the Enter key and select the key combination from the menu. b. Use the Virtual Keyboard in Virtual Box. c. Press the Tab key and select the first option, C+A+D, from the menu. d. Connect a second keyboard to the computer.

b. Use the Virtual Keyboard in Virtual Box.

The statement of work will define the details of the actual work that will be completed by the pen tester. This will also include all the following items and descriptions except for which of the following? a. Liability disclaimers b. Warranties of the work provided c. Location the services are to be performed at d. Compensation and payment schedule

b. Warranties of the work provided

OSINT tools provide a means to gather high-level details about an organization. Which of the following tools can be used to enumerate domain information about a target? a. FOCA b. Whois c. Shodan d. theHarvester

b. Whois

Sally has decided to start a company and wants to build a website. She first needs to purchase her domain name and establish the SOA entry details for the domain. Which of the following could assist her in accomplishing this? a. nslookup b. a registrar c. dig d. whois

b. a registrar

Password lists are being populated and updated regularly using stolen account information from data breaches. This can be used against a company to crack accounts on the network. Websites exist that can help tell if your account has been cracked. An example of these sites includes which of the following websites? a. pwnytime.com b. haveibeenpwed.com c. ivebeenpwned.com d. pwntastic.com

b. haveibeenpwed.com

Jameson wants to test a new alarm system on the network by sending several invalid packets to the service on port 4077. Which tool could Jameson use to manipulate the header information and allow them to monitor the response of the service? a. tcpdump b. hping3 c. Scapy d. Wireshark

b. hping3

Which of the following commands can be used to display the Internet protocol information of a NIC on a Windows node? a. arp b. ipconfig c. ifconfig d. netstat

b. ipconfig

Which command or tool was utilized to acquire the following data:Server: dns.googleAddress: 8.8.8.8Non-authoritative answer:Name: cmp-commerce-prod-public-408906920.us-east-1.elb.amazonaws.comAddresses: 54.204.164.20434.206.19.25334.206.66.16034.198.147.12752.6.46.188Aliases: www.cengage.comcmp-commerce-prod-ext-com.cloud.cengage.com a. dnsenum b. nslookup c. whois d. ipconfig

b. nslookup

A flaw in software, hardware, or procedures is known as what? a. An attack b. An exploit c. A vulnerability d. A mistake

c. A vulnerability

When training for penetration testing, a sandbox environment is commonly used. Which of the following best describes a sandbox? a. An open environment that allows you to experiment b. An area used to test hardware c. An isolated environment that allows you to experiment d. An area to solve problems with dirty equipment

c. An isolated environment that allows you to experiment

The people, processes, and technologies that store, process, or transmit cardholder data or sensitive authentication data is defined as what? a. PCI b. CCB c. CDE d. ISC

c. CDE

Purple team members have an objective to provide overarching support and training to both red and blue teams. What other purpose might the purple team serve during the penetration test? a. Social engineering b. Legal support c. Data analytics d. Damage control

c. Data analytics

Which of the following best describes the term "end of life" as it relates to software and operating systems? a. End of life means the software has died and is not functioning. b. End of life means the application is no longer useful to the public. c. End of life means the developer is no longer going to support the operating system. d. End of life means the application is not being sold any more but will continue to be supported by the developer.

c. End of life means the developer is no longer going to support the operating system.

You are attempting to install an appliance into Oracle's VirtualBox hypervisor. Which menu path is utilized to accomplish this? a. File->Add New Appliance b. Machine->New Appliance c. File->Import Appliance d. Machine->Import Appliance

c. File->Import Appliance

Which regulation or standard controls how financial institutions handle customer private information? a. Health Insurance Portability and Accountability Act (HIPAA) b. Financial Industry Regulatory Authority (FINRA) c. Gramm-Leach-Bliley Act (GLBA) d. Sarbanes-Oxley (SOX) Act

c. Gramm-Leach-Bliley Act (GLBA)

Which of the following tests is conducted with some knowledge of the target systems? a. White b. Red c. Gray d. Black

c. Gray

You want to organize acquired data into a visual diagram that shows the interconnections between the data points. This can easily be achieved with which application or framework? a. Censys b. Domain Dossier c. Maltego d. FOCA

c. Maltego

Which tool from Microsoft is used to download official ISOs from the company? a. DVD Creator Pro b. Multimedia Creation Tool c. Media Creation Tool d. ISO Creator

c. Media Creation Tool

A peer reviewed methodology that is maintained by the Institute for Security and Open Methodologies (ISECOM) that guides the process of assessing systems, processes, and people within regulatory and industry requirements defines which framework or methodology? a. CISA CSF b. MITRE ATT&CK c. OSSTMM d. NIST CSF

c. OSSTMM

Social engineering attacks are commonly used as an entry point to exploit an organization and its systems. Sending fraudulent emails to elicit usernames, passwords, or other information that could lead to a security concern is an example of which type of social engineering attack? a. Spim b. Dumpster diving c. Phishing d. Shoulder surfing

c. Phishing

During a penetration test, Natalia and her team are focused on using tactics to exploit the weaknesses of the organization. Which team is Natalia part of? a. White b. Blue c. Red d. Yellow

c. Red

Red-team assessments are described in which manner? a. Red-team assessments test common security goals of the client. b. Red-team assessments are conducted by the client determining the method of attack. c. Red-team assessments do not focus on the specific vulnerabilities found, but simply if a system can be compromised. d. Red-team assessments are conducted with the cooperation of a blue team.

c. Red-team assessments do not focus on the specific vulnerabilities found, but simply if a system can be compromised.

Which authorizing document specifies the services to be provided to a client and formally establishes a relationship? a. SOW b. GLBA c. SLA d. MSA

c. SLA

The plan specifying what activities will be performed and what resources will be targeted during a pen test are included in which one of these documents? a. Rules of Engagement Document b. Governance Document c. Scope Document d. Requirements Document

c. Scope Document

Alessandra has been hired by Cyberdyne to investigate a possible data breach on a Linux cloud server. Alessandra is unsure of which provider the company uses, but wants to be best prepared to audit the services when approved. Which tool would be best utilized for this purpose? a. Cloud Janitor b. Pacu c. Scout Suite d. Censys

c. Scout Suite

PCI DSS is a compliance standard that is dictated by which organization? a. NIST Credit Compliance b. Credit Bureau Council c. Security Standards Council d. Financial Industry Regulatory Authority

c. Security Standards Council

How often should penetration tests be performed for segmentation controls under the PCI DSS? a. Monthly b. Quarterly c. Semi-annually d. Annually

c. Semi-annually

Robyn has identified several Bluetooth devices that are attempting to connect to the point-of-sale system. Which of the following tools would Robyn best employ to simulate an attack on the point-of-sale system? a. Reaver b. Kismet c. Spooftooph d. Fern

c. Spooftooph

Before an engagement kicks off, validation of the scope and all documents should be completed. This is completed with the client to ensure what? a. The exact systems that will be compromised b. The full budget and cost of the test that will be performed c. The client's requirements will be met d. Which vulnerabilities are going to be found

c. The client's requirements will be met

Jameson has just configured his pen testing lab and wants to export his virtual machines from VirtualBox so that his partner, Lenora, can then import them into her computer. She uses the Microsoft Hyper-V virtualization software and wants to make sure the appliances will work for her. Which format of virtual hard disk will Jameson need to have used during his setup to make this process easiest? a. QED b. VDI c. VHD d. HDD

c. VHD

To find the ip configuration of a Linux operating system node, which of the following commands should be run in Terminal? a. ipconfig b. netstat c. ifconfig d. arp

c. ifconfig

The GDPR requires an organization to meet several requirements as part of the regulation. One of these requirements is to report data breaches on time. The required timeline to make the initial report defines a maximum number of hours before an organization is violating GDPR and could face penalties. What are the maximum number of hours allowed? a. 96 b. 48 c. 24 d. 72

d. 72

Virgil has just utilized John the Ripper to crack passwords from the client's network. Tools like John the Ripper are utilized at what stage of the penetration testing process? a. Planning and scoping b. Information gathering and vulnerability scanning c. Reporting and communicating results d. Attacking and exploitation

d. Attacking and exploitation

A procedure that research and experience have shown to produce optimal results and has been proposed for widespread adoption is known as a what? a. Compliance Practice b. Standard c. Regulation d. Best Practice

d. Best Practice

Aurora is utilizing the OWASP ZAP application to gather information from a client's network. What sort of information can Aurora expect to elicit via this application? a. System user account names and web application used by the account b. Operating system version and service pack number c. Firewall configuration settings for web access d. Communication streams between web applications and web browsers

d. Communication streams between web applications and web browsers

Which of the following laws or regulations governs the personal information of citizens from the European Union when that information is stored in the United States? a. SOX b. GLBA c. PCI DSS d. GDPR

d. GDPR

According to NIST, risk is defined as the loss of the confidentiality, integrity, or availability of information, data, or systems and reflects the potential for what to occur? a. Theft b. Vulnerabilities c. Destruction d. Harm

d. Harm

Which regulation governs how firms handle private and sensitive health information without a patient's consent or knowledge? a. Gramm-Leach-Bliley Act (GLBA) b. Financial Industry Regulatory Authority (FINRA) c. Sarbanes-Oxley (SOX) Act d. Health Insurance Portability and Accountability Act (HIPAA)

d. Health Insurance Portability and Accountability Act (HIPAA)

At what stage of the pen-test process would Evan utilize programs such as Nmap and OpenVas? a. Planning and scoping b. Attacking and exploitation c. Reporting and communicating results d. Information gathering and vulnerability scanning

d. Information gathering and vulnerability scanning

Internal threat assessments and pen tests can give a false sense of the overall security posture of the organization. Why would this be true? a. External attackers must spend extra time gathering information and because of this they can be stopped easily while gathering that information. b. External attackers do not know as much as the internal tester and therefore they are less of a threat. c. Internal testers cannot attack from the outside of a network. d. Internal testers will have some knowledge about the targets and infrastructure.

d. Internal testers will have some knowledge about the targets and infrastructure.

Jacinda has used a stealth scan in Nmap and has identified several open ports. She now wants to use SQLMap and WPScan to identify any vulnerabilities with those ports. What is Jacinda trying to accomplish by using these two applications? a. Uncover evidence using digital forensics tools b. Increase the confidentiality of the data being transmitted c. Uncover data in the server that could be fraudulent d. Limit the company's exposure to attack

d. Limit the company's exposure to attack

The National Institute of Standards and Technology (NIST) provides Special Publications to assist IT personnel and companies in establishing procedures that govern information systems. Which Special Publication (SP) is the technical guide to information systems testing and assessment? a. SP 800-53 b. SP 800-128 c. SP 800-100 d. SP 800-115

d. SP 800-115

Unofficially defined as "data about data," this term is used to describe details about a document or file such as who created the file and possibly the GPS data from the camera a picture was taken on. What term is being described? a. Data render b. Fingerprint c. Properties d. Metadata

d. Metadata

Instead of manually installing an OS in a virtual machine, some vendors offer a preconfigured virtual machine. These devices are then imported as an appliance to the virtualization hypervisor. These systems are known as what? a. ISO b. AVO c. VMI d. OVA

d. OVA

During a pen-test, Adrienne was tasked with sifting through the electronic waste of a small business. By doing so, she was able to recover two hard drives from the garbage bin that contained corporate logs and credentials. This improper destruction of the hard drives violates the company policy. What should Adrienne do next? a. Physically destroy the drives using a shredder b. Wipe the drives using a software application c. Throw the hard drives back into the dumpster d. Report and advise the company of the data found

d. Report and advise the company of the data found

The purpose of a penetration test is to assist in the identification and mitigation of an organization's vulnerabilities. This helps to improve what for the organization? a. Employee morale b. Revenue c. Reputation d. Security posture

d. Security posture

Marco wants to learn more about the Internet-facing devices of the company. Which tool could he use that would provide this type of information while also causing minimal interruption to the corporate network? a. Nikto b. Retina c. Nessus d. Shodan

d. Shodan

Frequent backups should be utilized when making changes to a system or hardware device. These backups can help restore a device should it be compromised or malfunction. Virtualized environments are no different, but these unique environments allow for a special type of configuration capture known as what? a. Screenshot b. ISO image c. Image capture d. Snapshot

d. Snapshot

Cloud computing has gained massive popularity in recent years. Given that many organizations likely use cloud resources that are hosted by cloud service providers (CSP), permission to pen test those resources needs to be obtained from the CSP. This permission is normally specified in which document? a. Statement of Work b. Ownership Agreement c. Nondisclosure Agreement d. Third-Party Authorization

d. Third-Party Authorization

The applications kismet and vistumbler are used to gather intel about wireless networks through a specific activity. What is this activity? a. War walking b. War flying c. War stumbling d. War driving

d. War driving

Evan is assigned to perform reconnaissance of the SpearTrax Inc. organization. Which tool would be best used by Evan to complete this task? a. censys b. aircrack-ng c. domain dossier d. recon-ng

d. recon-ng