CompTIA PenTest+ 2023 Questions and Answers - Part 36

Mary Smith

Fri, 26 Dec 2025

1. Suppose you are working with a /24 block of IP addresses but are uncertain which hosts are live. You intend to minimize screen output so that only the IP addresses responding to pings are printed. What modification could be made to this command to implement this change in output?

A) The component >/dev/null of the sequence should be deleted
B) The component || echo 10. 2.$i UNAVAILABLE of the sequence should be deleted
C) The component | nc -nv 10. 3.2 4444 should be added to the end of the command sequence
D) The component > output.txt should be added to the end of the command sequence



2. In Linux privilege escalation, which of the following commands are the most useful when attempting to find potential OS-specific vulnerabilities to exploit? (Choose two)

A) uname -r
B) cat /etc/*release
C) sudo -l
D) sudo -V



3. For *nix operating systems, which notable privilege escalation technique allows attackers to control program execution on a target system without needing to write and deploy their own shellcode?

A) Heap Spraying
B) Stack Smashing
C) Ret2libc
D) NOP Sled



4. Which framework is designed to leverage PowerShell to escalate privileges, move laterally, and perform other post-exploitation activities in Windows environments?

A) Mimikatz
B) UnmanagedPowerShell
C) Empire
D) PowerSploit



5. Which command-line tool serves as a front-end search tool for exploits detailed in the Exploit Database provided by Offensive Security?

A) Responder
B) Impacket
C) PowerSploit
D) SearchSploit



1. Right Answer: B
Explanation: Net Shed is a proxy tool, not an anonymizer.

2. Right Answer: A,B
Explanation: The most efficient means of minimizing output is to remove the part of the command that prints to the terminal only when a host does not respond to ICMP requests, given that the majority of the IP addresses in question are suspected to be unavailable.

3. Right Answer: C
Explanation: uname -r returns the kernel version of a Linux host, which facilitates a more focused search for kernel-level exploits. The specific release of a Linux host's operating system is also returned, and this can be used to focus the search for an exploit path.

4. Right Answer: C
Explanation: The ret2libc attack is a type of buffer overflow. It exploits the existing subroutines in an application, which makes it unnecessary to write shellcode specifically for the attack. Among the other options, a NOP sled, or NOP slide, is a buffer overflow attack technique.

5. Right Answer: D
Explanation: Empire is the described framework. It relies on agents that run on target systems (PowerShell 2.0 for Windows; Python 2.6/2.7 for Linux and macOS). PowerShell agents can then be run without invoking PowerShell, and modules for keylogging, Mimikatz, and various other functions are provided. Empire integrates components of other open-source projects and presents numerous simple post-exploitation tools more effectively.
