
CompTIA PenTest+ 2023 Questions and Answers - Part 21

Mary Mary Smith
03 Mar 2023

1. Ryan is conducting a penetration test and is targeting a database server. Which one of the following tools would best assist him in detecting vulnerabilities on the database server?

A) Sqlmap
B) OpenVAS
C) Nessus
D) Nikto



2. _________________ is the most popular web reconnaissance framework used for information-gathering purposes as well as network detection.

A) Maltego
B) Whois Application
C) Domain Dossier tool
D) Recon-ng



3. Which one of the following tools can be used to view web server information?

A) Netstat
B) Netcraft
C) Nslookup
D) Wireshark



4. To extract information regarding domain name registration, which of the following is most appropriate? (Select 2 answers)

A) Whois lookup
B) DNS lookup
C) Maltego
D) Recon-ng



5. Which of the following tools is used for Banner Grabbing?

A) SCP
B) SSH
C) Telnet
D) Nmap



1. Right Answer: A
Explanation: Sqlmap is a dedicated database vulnerability scanner and is the most appropriate tool for use in this scenario. Ryan might discover the same vulnerabilities using the general-purpose Nessus or OpenVAS scanners, but they are not dedicated database vulnerability scanning tools. Nikto is a web application vulnerability scanner.

2. Right Answer: B
Explanation: Website footprinting includes monitoring and investigating the target organization's official website to gain information such as the software running, the versions of that software, operating systems, sub-directories, database, scripting information, and other details. This information can be gathered online through services such as netcraft.com or by using software such as Burp Suite, Zaproxy, Website Informer, Firebug, and others.

3. Right Answer: A
Explanation: WHOIS helps to gain information regarding domain name, ownership information, IP address, netblock data, domain name servers, and other information. The WHOIS database is maintained by Regional Internet Registries (RIR).

4. Right Answer: C,D
Explanation: Telnet, Nmap, Curl, and Netcat are tools that are popularly used for banner grabbing.

5. Right Answer: A
Explanation:
