Science & Research

  1. Ricky is conducting a penetration test against a web application and is looking for potential vulnerabilities to exploit. Which of the following vulnerabilities does not commonly exist in web applications? A. SQL injection B . VM escape C. Buffer overflow D. Cross-site scripting 2. What specialized type of legal document is often used to protect the confidentiality of data and other information that penetration testers may encounter? A. An SOW B. An NDA C. An MSA D. A noncompete 3. Chris is assisting Ricky with his penetration test and would like to extend the vulnerability search to include the use of dynamic testing. Which one of the following tools can he use as an interception proxy? A . ZAP B. Nessus C. SonarQube D. OLLYDBG 4. Matt is part of a penetration testing team and is using a standard toolkit developed by his team. He is executing a password cracking script named password.sh. What language is this script most likely wr...