Related Questions

• You are a pen tester contracted to perform a vulnerability assessment on a client's PCI servers. Over the course of your assessment you set up a packet sniffer on that network segment and sniff incoming & outgoing TCP connections. During the course of this you notice some strange intermittent HTTP connections stemming from one of the servers to a known Command & Control server in Ukraine. On closer examination you determine that there is a .txt file being transferred each time. What actions should you take?
• The penetration testing process involves three phases. These are: the pre-attack phase, the attack phase, and the post attack phase. The post attack phase involves:
• Which type of penetration testing emulates an attack to evaluate incident handling and response abilities of the target network environment?
• Which of the following is not a penetration testing tool?
• Penetration is a combination of attack and which of the following?
• What's black box pen testing?
• Which of the following techniques is used to determine the topology of a network and discover any unknown devices?
• True or False: Having a clear understanding of a penetration test's scope is not really that important.
• A black box tester is trying to attempt data exfiltration. What is the tester likely to attempt after gaining access to the system?
• Which type of document is used during a security assessment that contains specific clauses on liabilities and disruption to business services?