GIAC Exploit Researcher and Advanced Penetration Tester - GXPN Exam Practice Test
Which of the following is a common technique used to bypass Address Space Layout Randomization (ASLR) on Windows?
Response:
Response:
Correct Answer: C
Vote an answer
In Linux, which type of memory is primarily used to store global and static variables?
Response:
Response:
Correct Answer: A
Vote an answer
Which of the following describes protocol fuzzing?
Response:
Response:
Correct Answer: D
Vote an answer
What is the primary mechanism by which stack overflow attacks achieve code execution?
Response:
Response:
Correct Answer: A
Vote an answer
What are two common mitigation techniques used in Windows to prevent buffer overflow attacks?
(Choose Two)
Response:
(Choose Two)
Response:
Correct Answer: B,D
Vote an answer
You are exploiting a stack overflow vulnerability in a vulnerable program. Which approach would you take to successfully exploit the vulnerability?
Response:
Response:
Correct Answer: A
Vote an answer
How does understanding assembly language benefit a penetration tester working with Linux systems?
Response:
Response:
Correct Answer: B
Vote an answer
What is a critical consideration when identifying ways to improve a fuzzer?
Response:
Response:
Correct Answer: A
Vote an answer
What is shellcode primarily used for in exploitation?
Response:
Response:
Correct Answer: A
Vote an answer
In a buffer overflow attack, what part of the stack is typically targeted to gain control of execution flow?
Response:
Response:
Correct Answer: A
Vote an answer
Which of the following network vulnerabilities can be exploited to perform a man-in-the-middle (MITM) attack?
Response:
Response:
Correct Answer: C
Vote an answer
Which two techniques are commonly used to obfuscate shellcode?
(Choose Two)
Response:
(Choose Two)
Response:
Correct Answer: A,D
Vote an answer
What is the purpose of encoding shellcode during a penetration test?
Response:
Response:
Correct Answer: A
Vote an answer
How can an exploit writer overcome Address Space Layout Randomization (ASLR) while creating a stack smashing attack?
Response:
Response:
Correct Answer: D
Vote an answer