nerdexam
GIAC

GCIH · Question #567

How can the information below be used in a penetration test?

The correct answer is C. Harvest the user information to attempt to gain access. The users exposed in metadata can give information for accounts or for attempted exploitation or social engineering.

Vulnerability Exploitation & Privilege Escalation

Question

How can the information below be used in a penetration test?

Exhibit

GCIH question #567 exhibit

Options

  • AAttempt to use an Apache exploit on the server
  • BMake a zone transfer request on the DNS server
  • CHarvest the user information to attempt to gain access
  • DUse the heartbleed vulnerability to pull all user data off the server

How the community answered

(37 responses)
  • A
    3% (1)
  • B
    8% (3)
  • C
    73% (27)
  • D
    16% (6)

Explanation

The users exposed in metadata can give information for accounts or for attempted exploitation or social engineering.

Topics

#credential harvesting#OSINT#penetration testing#information gathering

Community Discussion

No community discussion yet for this question.

Full GCIH Practice