Security and Assessment and Testing One of the actions that attackers typically
ID: 3904185 • Letter: S
Question
Security and Assessment and Testing
One of the actions that attackers typically attempt after compromising a system is to acquire the ability to mimic a normal privileged user. What is one way in which they may accomplish this?
Rebooting the compromised host
Exporting the password hash table
Pivoting from the compromised host to another target
Adding a privileged user account
3.85 points
QUESTION 3
Which of the following is not normally an element of user accounts management audits?
Suspended accounts
Signed AUPs
Password hashing
Privileged accounts
3.85 points
QUESTION 4
Vulnerability scans normally involve all of the following except which one?
The identification of active hosts on the network
The identification of operating systems
The identification of malware on all hosts
The identification of misconfigured settings
3.85 points
QUESTION 5
Synthetic transactions are best described as
Transactions that are synthesized from multiple users’ interactions with the system
Real user monitoring (RUM)
A way to test the behavior and performance of critical services
Transactions that fall outside the normal purpose of a system
a.Rebooting the compromised host
b.Exporting the password hash table
c.Pivoting from the compromised host to another target
d.Adding a privileged user account
Explanation / Answer
1. d. Adding a privileged user account
when the attacker got access to the system he will get the access of privileged user account and with this, he will freely access all the things in the system.
Question 3:-
b. Signed AUPs
Question 4:-
b. The identification of operating systems
Vulnerability scan identifies the hosts, malware and settings which are configured wrongly to get the system compromised.
Question 5:-
c.A way to test the behavior and performance of critical services