Multiple Choice
In an unprotected network file repository, a penetration tester discovers a text file containing usernames and passwords in cleartext and a spreadsheet containing data for 50 employees, including full names, roles, and serial numbers. The tester realizes some of the passwords in the text file follow the format: <name-serial_number> . Which of the following would be the best action for the tester to take NEXT with this information?
A) Create a custom password dictionary as preparation for password spray testing.
B) Recommend using a password manage/vault instead of text files to store passwords securely.
C) Recommend configuring password complexity rules in all the systems and applications.
D) Document the unprotected file repository as a finding in the penetration-testing report.
Correct Answer:
Verified
Correct Answer:
Verified
Q32: A company that developers embedded software for
Q33: A security engineer identified a new server
Q34: When preparing for an engagement with an
Q35: A software development team is concerned that
Q36: A penetration tester ran an Nmap scan
Q38: A penetration tester runs the unshadow command
Q39: A penetration tester is testing a web
Q40: A penetration tester writes the following script:
Q41: Which of the following BEST describe the
Q42: A company is concerned that its cloud