Which of the following commands will allow a penetration tester to permit a shell script to be executed by the file owner?
Question 2
A penetration tester gains access to a system and establishes persistence, and then run the following commands: Which of the following actions is the tester MOST likely performing?
Question 3
A compliance-based penetration test is primarily concerned with:
Question 4
A penetration tester is explaining the MITRE ATT&CK framework to a company's chief legal counsel. Which of the following would the tester MOST likely describe as a benefit of the framework?
Question 5
Which of the following BEST describe the OWASP Top 10? (Choose two.)
Question 6
A penetration tester discovered a vulnerability that provides the ability to upload to a path via discovery traversal. Some of the files that were discovered through this vulnerability are: Which of the following is the BEST method to help an attacker gain internal access to the affected machine?
Question 7
A company obtained permission for a vulnerability scan from its cloud service provider and now wants to test the security of its hosted data. Which of the following should the tester verify FIRST to assess this risk?
Question 8
A penetration tester ran the following command on a staging server: python -m SimpleHTTPServer 9891 Which of the following commands could be used to download a file named exploit to a target machine for execution?
Question 9
A penetration tester was able to gain access to a system using an exploit. The following is a snippet of the code that was utilized: Which of the following commands should the penetration tester run post-engagement?
Question 10
Which of the following is MOST important to include in the final report of a static application-security test that was written with a team of application developers as the intended audience?
