100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
CREST CPSA ACTUAL EXAM LATEST 2024/2025 DETAILED QUESTIONS AND VERIFIED CORRECT ANSWERS/ ALREADY GRADED A++ $20.99   Add to cart

Exam (elaborations)

CREST CPSA ACTUAL EXAM LATEST 2024/2025 DETAILED QUESTIONS AND VERIFIED CORRECT ANSWERS/ ALREADY GRADED A++

 22 views  1 purchase
  • Course
  • CREST CPSA
  • Institution
  • CREST CPSA

CREST CPSA ACTUAL EXAM LATEST 2024/2025 DETAILED QUESTIONS AND VERIFIED CORRECT ANSWERS/ ALREADY GRADED A++ CREST CPSA ACTUAL EXAM LATEST 2024/2025 DETAILED QUESTIONS AND VERIFIED CORRECT ANSWERS/ ALREADY GRADED A++

Preview 4 out of 111  pages

  • October 2, 2024
  • 111
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
  • CREST CPSA
  • CREST CPSA
avatar-seller
phoebemigwi
CREST CPSA ACTUAL EXAM LATEST 2024/2025
QUESTIONS AND VERIFIED CORRECT ANSWERS/ ALREADY
GRADED A++
how can HTTP Trace method used against web server? - ANSWER user
cookie and session information compromised

Java technique that minimises threat from applets - ANSWER Sandbox

enumerate users with empty GECOS field. - ANSWER finger 0@<ip>

LANMAN and NTLM. - ANSWER Don't use a salt.

Stored procedure xp_cmdshell can? - ANSWER Execute any DOS
commands.

Unmap unused ISAPI filters to...? - ANSWER .....reduce attack surface
against IIS

Which SQL string can be used in username to bypass an authentication
mechanism. - ANSWER ' or 1=1 - -

Different Web site host names have same IP. How does web server
differentiate? - ANSWER Inspecting host field in client request.

HTTP Method for enumerating HTTP methods. - ANSWER OPTIONS

EXPN command protocol? - ANSWER SMTP

DNS Zone transfer command. - ANSWER dig @relay.example.org
example.org axfr

SMTP commands to enumerate users on a default Sendmail server. -
ANSWER VRFY EXPN RCPT TO

CVE-2003-0780 MySQL version has post authentication privilege
escalation issue. - ANSWER MySQL 4.0.15

DES Data block size - ANSWER 64 bits

,RC4 Key size - ANSWER 128

Symmetric encryption algorithm. - ANSWER AES

Salted md5? - ANSWER Salted md5?

Trusted hosts and usernames for unix r-services - ANSWER
/etc/hosts.equiv

Cookie attribute for must stored on disk - ANSWER Expires

Null session to windows. - ANSWER net use \\host\ipc$"" /u:""

Reason for written permission for pen test. - ANSWER Misuse of computer
act.

CVE-2002-0906 buffer overflow, sendmail version. - ANSWER 8.12.4

Which ruser command lists active user details. - ANSWER rusers -l <ip>

Password hashes stored on linux - ANSWER /etc/shadow

HTTP Methods - ANSWER Options, delete,put,trace,

SAM file location - ANSWER %systemroot%\system32\config\SAM

IIS 5.0. Which o/s? - ANSWER Windows 2000

IPv6 bits? - ANSWER 128

How are cookies presented back to the server? - ANSWER Cookie HTTP
header.

SOAP - ANSWER Simple Object Access Protocol

HTTP method for soap api data transfer? - ANSWER POST

Windows tracert packets? - ANSWER ICMP

,Which command enumerates exchange server connected by Telnet. -
ANSWER EHLO

SSH version susceptible to man in the middle attacks. - ANSWER Version
1

TTL = 128. Which o/s? - ANSWER Windows

Public Key Encryption - ANSWER RSA

ICMP destination host unreachable (number?) - ANSWER 3

Windows command to list all patches - ANSWER wmic qfe

TNS listener default config. - ANSWER Before Oracle 10g it could be
remotely managed.

LDAP command injection characters. - ANSWER ()&*|

RSA - ANSWER Rivest, Shamir, & Adleman

Self signed SSL. Certificate vulnerability - ANSWER Spoof certificate and
execute man in the middle attack

Cookie can be accessed by client side scripts. Which cookie attribute? -
ANSWER httponly

CVE-2001-0414 NTP remote exploit version? - ANSWER 4.0.99k

AD database filename - ANSWER NTDS.DIT

IPv4 bits? - ANSWER 32 bits

Prevent user enumeration through null sessions. Which registry? -
ANSWER Restrict Anonymous.

IKE Main mode more secure than aggressive. Because? - ANSWER
identity protection.

, DNS Zone Reverse look up record. For ip 192.168.1.10 - ANSWER
10.1.168.192. In-addr.arpa. IN PTR alpha.example.com

BIND version information. Command? - ANSWER dig @beta.example.com
version.bind chaos txt

xhost - - ANSWER Host based authentication disabled.

NOT a SIP method. - ANSWER Quit.

FTP command to initiate data transfer - ANSWER PORT

MAC address size. - ANSWER 48 Bits

802.3 - ANSWER Ethernet

DBSNMP default password? - ANSWER DBSNMP

CVE 2012-5615 MySQL 5.6.0 vulnerability.? - ANSWER Username
enumeration.

NOT an ICMP message - ANSWER Bad Length

HTTP status code bad request? - ANSWER 400

TFTP command to list directory. - ANSWER You cannot list directory.

ARP - ANSWER Address Resolution Protocol

VTP - ANSWER VLAN Trunking Protocol

CDP - ANSWER Cisco Discovery Protocol

TACACS - ANSWER Terminal Access Controller Access Control System.
TCP - ANSWER Transmission Control Protocol

UDP - ANSWER User Datagram Protocol

Port 21 - ANSWER FTP

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller phoebemigwi. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $20.99. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

71184 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$20.99  1x  sold
  • (0)
  Add to cart