nerdexam
GIAC

GPEN · Question #484

GPEN Question #484: Real Exam Question with Answer & Explanation

The correct answer is C. Run all sendmail exploits that will not crash the server and see if you cancompromise the. See the full explanation below for the reasoning.

Question

You have been contracted to penetration test an e-mail server for a client that wants to know for sure if the sendmail service is vulnerable to any known attacks. You have permission to run any type of test, how will you proceed to give the client the most valid answer?

Options

  • ARun all known sendmail exploits against the server and see if you can compromisethe service,
  • BRun a banner grabbing vulnerability checker to determine the sendmail version andpatch
  • CRun all sendmail exploits that will not crash the server and see if you cancompromise the
  • DLog into the e-mail and determine the sendmail version and patch level, then lookup and

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full GPEN Practice