A pentester gains acess to a Windows application server and needs to determine the settings of
the built-in Windows firewall. Which command would be used?

The following is a sample of output from a penetration tester’s machine targeting a machine with
the IP address of 192.168.1.106:

What is most likely taking place?

A tester is attempting to capture and analyze the traffic on a given network and realizes that the
network has several switches. What could be used to successfully sniff the traffic on this switched
network? (Choose three.)

A newly discovered flaw in a software application would be considered which kind of security
vulnerability?

What are the three types of authentication?

What are the three types of compliance that the Open Source Security Testing Methodology
Manual (OSSTMM) recognizes?

While checking the settings on the internet browser, a technician finds that the proxy server
settings have been checked and a computer is trying to use itself as a proxy server. What specific
octet within the subnet does the technician see?

Which of the following business challenges could be solved by using a vulnerability scanner?

Which of the following is a hardware requirement that either an IDS/IPS system or a proxy server
must have in order to properly function?

If an e-commerce site was put into a live environment and the programmers failed to remove the
secret entry point that was used during the application development, what is this secret entry point
known as?