1
Q
What is a Pass-the Ticket attack?
A
aim to steal kerberos tickets
2
Q
What is Kerberoasting?
A
Post compromise attack used for cracking Microsoft AD service account passwords
3
Q
Credential Stuffing uses
A
reuses known passwords
4
Q
SPN stands for?
A
Service Principle Name and is used in Kerberos systems
5
Q
LOLBins stand for?
A
Living of te Land attack
6
Q
Prowler is used for?
A
Security audits on AWS
7
Q
Is Prowler python based?
A
Yes
8
Q
Is Scout Suit open scource?
A
yes
9
Q
Scout Suit is used for?
A
performing security assessments on cloud environments
10
Q
Can Scout Suit be Agentless?
A
Yes
11
Q
Reflected XSS is
A
attacker input (usually from a URL, form or header) is reflected by the server
12
Q
DOM XSS lives
A
entirely in client-side JavaScript
CompTIA PentTest+
flashcards
Decks in class (21)
# Cards
-
Governance, Risk and Compliance23
-
Collaboration & Communication Activities7
-
Testing Frameworks & Methodologies26
-
Reporting and Remediation6
-
Reconnaissance & Enumeration13
-
Applying Enumeration Techniques12
-
Discovering & Analyzing Vulnerabilities13
-
Authentication Attacks14
-
Authentic attacks12
-
Wireless & Social Engineering Attacks18
-
Establishing Persistence29
-
Staging & Data Exfiltration13
-
LP - Exam Questions26
-
Nmap Commands21
-
CompTIA Mastery Course40
-
CompTIA Questions #237
-
THM - Course11
-
Post Exam Material84
-
Udemy Exams44
-
Udemy Videos83
-
Dion Training #242
