Question 1

Fill in the blank: In patch reversal techniques, the attacker typically analyzes __________ to identify how the patch modifies the system behavior.

Options :

A : the user feedback

B : the security advisories

C : the patch binary

D : the system logs

Answer: C

Question 2

Fill in the blank: "________ is a command that can be used to capture and analyze network traffic in a SCADA system to detect potential security issues."

Options :

A : Wireshark --display-filter modbus

B : tshark -i [interface] -d tcp.port==502,modbus

C : tcpdump -i [interface] port 502

D : netcat -l -p 502 -i [interface]

Answer: C

Question 3

In a penetration test, what is a recommended initial step when targeting a system known to lack a specific critical patch?

Options :

A : execute a denial of service attack to test the system’s responsiveness to unpatched vulnerabilities.

B : Perform a full network scan to identify all open ports and running services.

C : Immediately attempt to exploit the vulnerability without further reconnaissance.

D : conduct a version scan to determine the exact patch level of the system.

Answer: D

Question 4

Which document is most critical for detailing the objectives and rules for a penetration testing engagement?

Options :

A : Statement of Work (SOW)

B : Rules of Engagement (RoE)

C : Master Service Agreement (MSA)

D : Penetration Testing Execution Standard (PTES)

Answer: A

Question 5

Which command would you use to test the ability to move between different network zones?

Options :

A : sudo nmap --packet-trace -p 1-65535 192.168.1.0/24

B : traceroute -T --port=80 192.168.100.1

C : ping 192.168.2.1 -t -l 1400

D : netstat -an | grep ESTABLISHED

Answer: A

Free CPENT Mock Exam – Practice Online Confidently

Buying Options: