A penetration tester is attempting to discover live hosts on a subnet quickly. Which of the following commands will perform a ping scan?
Correct Answer:A
A company conducted a simulated phishing attack by sending its employees emails that included a link to a site that mimicked the corporate SSO portal. Eighty percent of the employees who received the email clicked the link and provided their corporate credentials on the fake site. Which of the following recommendations would BEST address this situation?
Correct Answer:A
A penetration tester discovers that a web server within the scope of the engagement has already been compromised with a backdoor. Which of the following should the penetration tester do NEXT?
Correct Answer:D
A new security firm is onboarding its first client. The client only allowed testing over the weekend and needed the results Monday morning. However, the assessment team was not able to access the environment as expected until Monday. Which of the following should the security company have acquired BEFORE the start of the assessment?
Correct Answer:B
Which of the following would MOST likely be included in the final report of a static application-security test that was written with a team of application developers as the intended audience?
Correct Answer:C