Which of the following situations would MOST likely warrant revalidation of a previous security assessment?
Correct Answer:
D
The following PowerShell snippet was extracted from a log of an attacker machine:
A penetration tester would like to identify the presence of an array. Which of the following line numbers would define the array?
Correct Answer:
A
https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_arrays?view=powe
Appending string values onto another string is called:
Correct Answer:
C
A penetration tester writes the following script:
Which of the following is the tester performing?
Correct Answer:
D
-z zero-I/O mode [used for scanning]
-v verbose
example output of script: 10.1.1.1 : inverse host lookup failed: Unknown host (UNKNOWN) [10.0.0.1] 22 (ssh) open
(UNKNOWN) [10.0.0.1] 23 (telnet) : Connection timed out https://unix.stackexchange.com/questions/589561/what-is-nc-z-used-for
A penetration tester ran a simple Python-based scanner. The following is a snippet of the code:
Which of the following BEST describes why this script triggered a `probable port scan` alert in the organization's IDS?
Correct Answer:
B
Port randomization is widely used in port scanners. By default, Nmap randomizes the scanned port order (except that certain commonly accessible ports are moved near the beginning for efficiency reasons) https://nmap.org/book/man-port-specification.html
