IT Questions Bank Which living-off-the-land post-exploitation technique can get directory listings, copy and move files, get a list of running processes, and perform administrative tasks?ITExamAnswers asked 10 months ago • Ethical HackerWhat kind of channel is created by a C2 with a system that has been compromised?ITExamAnswers asked 10 months ago • Ethical HackerWhich two resources are C2 utilities? (Choose two.)ITExamAnswers asked 10 months ago • Ethical HackerWhich Meterpreter command is used to execute Meterpreter commands that are listed inside a text file and also to help accelerate the actions taken on the victim system?ITExamAnswers asked 10 months ago • Ethical HackerA cybersecurity student is learning about Netcat commands that could be used in a penetration testing engagement. Which Netcat command is used to connect to a TCP port?ITExamAnswers asked 10 months ago • Ethical HackerWhich resource is a lightweight and portable tool that allows the creation of bind and reverse shells from a compromised host?ITExamAnswers asked 10 months ago • Ethical HackerRefer to the exhibit. An attacker opens a port or a listener on the compromised system and waits for a connection. The goal is to connect to the victim from any system, execute commands, and further manipulate the victim. What type of malicious activity is being performed?ITExamAnswers asked 10 months ago • Ethical HackerWhich resource is a Windows utility that combines the old CMD functionality with a new scripting/cmdlet instruction set with built-in system administration functionality?ITExamAnswers asked 10 months ago • Ethical HackerWhat control category does system hardening belong to?ITExamAnswers asked 10 months ago • Ethical HackerHow is the score that CVSS provides interpreted?ITExamAnswers asked 10 months ago • Ethical HackerA document entitled “Building an Information Technology Security Awareness and Training Program” succinctly defines why security education and training are so important for users. The document defines ways to improve the security operations of an organization. Which document is being described?ITExamAnswers asked 10 months ago • Ethical HackerWhich example of administrative controls enables administrators to control what users can do at both broad and granular levels?ITExamAnswers asked 10 months ago • Ethical HackerWhich example of technical control is recommended to mitigate and prevent vulnerabilities such as cross-site scripting, cross-site request forgery, SQL injection, and command injection?ITExamAnswers asked 10 months ago • Ethical HackerWhich kind of event is a successful identification of a security attack?ITExamAnswers asked 10 months ago • Ethical HackerWhich kind of event occurs when an intrusion detection device identifies an activity as acceptable behavior and the activity is acceptable?ITExamAnswers asked 10 months ago • Ethical Hacker