This page was exported from Free valid test braindumps [ http://free.validbraindumps.com ]
Export date: Sat Apr 5 15:30:16 2025 / +0000 GMT

Title: Free GPEN pdf Files With Updated and Accurate Dumps Training [Q107-Q128]

Top-Class GPEN Question Answers Study Guide

Topics of GPEN Exam

Candidates must know the exam topics before they start preparing, because it will really help them in hitting the core. Our GPEN exam dumps will include the following topics:

- Pentesting process
- Vulnerability scanning
- Pentesting foundations
- Metasploit
- Web application attacks
- Initial target scanning
- Pentesting using PowerShell
- Password attacks
- Exploitation fundamentals
- Penetration testing using the Windows command line
- Reconnaissance
- Scanning for targets
- Web application reconnaissance
- Advanced password attacks

QUESTION 107
You are pen testing a system and want to use Metasploit 3.X to open a listening port on the system so you can access it via a netcat shell. Which stager would you use to have the system listen on TCP port 50000?
- Reverse.tcp
- Bind.tcp
- Findtag.ord
- Passivex
Section: Volume A

QUESTION 108
Which of the following are countermeasures to prevent unauthorized database access attacks?
Each correct answer represents a complete solution. Choose all that apply.
- Removing all stored procedures
- Input sanitization
- Applying strong firewall rules
- Session encryption

QUESTION 109
You are pen testing a Windows system remotely via a raw netcat shell. You want to get a listing of all the local users in the administrators group. What command would you use?
- Net account administrators
- Net user administrators
- Net localgroup administrators
- Net localuser administrators
Section: Volume A

QUESTION 110
Which of the following is the feature that separates the use of Rainbow Tables from other applications such as Cain or John the Ripper?
- Salts are used to create massive password databases for comparison.
- Applications take advantage of 64-bit CPU processor and multithread the cracking process.
- Data is aligned efficiently in the rainbow tables making the search process quicker.
- Raw hashed passwords are compared to pre-calculated hash tables.
Section: Volume A

QUESTION 111
Analyze the command output below. Given this information, which is the appropriate next step for the tester?

    Starting Nmap 4.53 ( http://insecure.org ) at 2010-09-30 19:13 EDT
    Interesting ports on 192.163.116.101:
    PORT     STATE     SERVICE
    130/tcp  filtered  cisco-fna
    131/tcp  filtered  cisco-tna
    132/tcp  filtered  cisco-sys
    133/tcp  filtered  statsrv
    134/tcp  filtered  ingres-net
    135/tcp  filtered  msrpc
    136/tcp  filtered  profile
    137/tcp  filtered  netbios-ns
    138/tcp  filtered  netbios-dgm
    139/tcp  open      netbios-ssn
    140/tcp  filtered  emfis-data
    MAC Address: 00:30:1B:B8:14:8B (Shuttle)
    Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
    Device type: general purpose
    Running: Microsoft Windows XP
    OS details: Microsoft Windows XP SP2
    Network Distance: 1 hop
    Nmap done: 1 IP address (1 host up) scanned in 1.263 seconds

- Determine the MAC address of the scanned host.
- Send a single SYN packet to port 139/tcp on the host.
- Send spoofed packets to attempt to evade any firewall.
- Request a list of shares from the scanned host.
Section: Volume A

QUESTION 112
Which of the following is a method of gathering user names from a Linux system?
- Displaying the owner information of system-specific binaries
- Reviewing the contents of the system log files
- Gathering listening services from the xinetd configuration files
- Extracting text strings from the system password file
Reference: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/pdf/Security_Guide/Red_Hat_Enterprise_Linux-6Security_Guide-en-US.pdf

QUESTION 113
Which of the following can be used as a countermeasure to the rainbow password attack?
- Using salt in the password
- Using alphanumeric characters
- Using hashed password
- Using 8 character password

QUESTION 114
You run the following bash script in Linux:

    for i in `cat hostlist.txt`; do nc -q 2 -v $i 80 < request.txt; done

where, hostlist.txt file contains the list of IP addresses and request.txt is the output file.
Which of the following tasks do you want to perform by running this script?
- You want to perform port scanning to the hosts given in the IP address list.
- You want to transfer file hostlist.txt to the hosts given in the IP address list.
- You want to perform banner grabbing to the hosts given in the IP address list.
- You want to put nmap in the listen mode to the hosts given in the IP address list.
Section: Volume B

QUESTION 115
Identify the network activity shown below;
- A sweep of available hosts on the local subnet
- A flood of the local switch's CAM table.
- An attempt to disassociate wireless clients.
- An attempt to impersonate the local gateway

QUESTION 116
Which of the following is a WEP weakness that makes it easy to inject arbitrary clear text packets onto a WEP network?
- Reversible hashes used for IVs
- Cryptographically weak CRC32 checksum
- RC4 algorithm
- Small key space

QUESTION 117
Which of the following options holds the strongest password?
- Joe12is23good
- $#164aviD^%
- california
- Admin1234
Section: Volume D

QUESTION 118
Which of the following is the frequency range to tune IEEE 802.11a network?
- 1.15-3.825 GHz
- 5.15-5.825 GHz
- 5.25-9.825 GHz
- 6.25-9.825 GHz

QUESTION 119
Which of the following is the most common method for an attacker to spoof email?
- Back door
- Replay attack
- Man in the middle attack
- Open relay
Section: Volume D

QUESTION 120
You work as a Penetration Tester for the Infosec Inc. Your company takes the projects of security auditing. Recently, your company has assigned you a project to test the security of the we-are-secure.com Web site.
For this, you want to perform the idle scan so that you can get the ports open in the we-are-secure.com server. You are using Hping tool to perform the idle scan by using a zombie computer. While scanning, you notice that every IPID is being incremented on every query, regardless of whether the ports are open or closed. Sometimes, IPID is being incremented by more than one value. What may be the reason?
- The zombie computer is the system interacting with some other system besides your computer.
- The firewall is blocking the scanning process.
- The zombie computer is not connected to the we-are-secure.com Web server.
- Hping does not perform idle scanning.
Section: Volume B

QUESTION 121
You have compromised a Windows XP system and injected the Meterpreter payload into the lsass process. While looking over the system you notice that there is a popular password management program on the system. When you attempt to access the file that contains the password you find it is locked. Further investigation reveals that it is locked by the passmgr process. How can you use the Meterpreter to get access to this file?
- Use the getuid command to determine the user context the process is running under, then use the imp command to impersonate that user.
- Use the getpid command to determine the user context the process is running under, then use the imp command to impersonate that user.
- Use the execute command to the passmgr executable. That will give you access to the file.
- Use the migrate command to jump to the passmgr process. That will give you access to the file.

QUESTION 122
You work as a Penetration Tester for the Infosec Inc. Your company takes the projects of security auditing. Recently, your company has assigned you a project to test the security of the we-are-secure.com network. Now, when you have finished your penetration testing, you find that the we-are-secure.com server is highly vulnerable to SNMP enumeration. You advise the we-are-secure Inc.
to turn off SNMP; however, this is not possible as the company is using various SNMP services on its remote nodes. What other step can you suggest to remove SNMP vulnerability?
Each correct answer represents a complete solution. Choose two.
- Close port TCP 53.
- Change the default community string names.
- Upgrade SNMP Version 1 with the latest version.
- Install antivirus.
Section: Volume C

QUESTION 123
While performing a code audit, you discover a SQL injection vulnerability. Assuming the following vulnerable query, what user input could be injected to make the query true and return data?

    select * from widgets where name = '[user-input]';

- 'or 1=1
- 'or l=l…
- 'or 1=1--
- 'or l=1'

QUESTION 124
Which of the following layers of TCP/IP model is used to move packets between the Internet Layer interfaces of two different hosts on the same link?
- Application layer
- Link layer
- Internet layer
- Transport Layer

QUESTION 125
A penetration tester used a client-side browser exploit from Metasploit to get an unprivileged shell prompt on the target Windows desktop. The penetration tester then tried using the getsystem command to perform a local privilege escalation which failed. Which of the following could resolve the problem?
- Load priv module and try getsystem again
- Run getuid command, then getpriv command, and try getsystem again
- Run getuid command and try getsystem again
- Use getprivs command instead of getsystem

QUESTION 126
Which of the following tools can be used by a user to hide his identity?
Each correct answer represents a complete solution. Choose all that apply.
- IPchains
- Rootkit
- Proxy server
- War dialer
- Anonymizer

QUESTION 127
Which of the following tools can be used to perform brute force attack on a remote database?
Each correct answer represents a complete solution. Choose all that apply.
- FindSA
- SQLDict
- nmap
- SQLBF

QUESTION 128
When attempting to crack a password using Rainbow Tables, what is the output of the reduction function?
- A new potential chain
- A new potential table
- A new potential password
- A new potential hash
Reference: http://en.wikipedia.org/wiki/Rainbow_table

Post date: 2022-06-15 14:06:57
Post modified date: 2022-06-15 14:06:57