The purpose of this Sample Question Set is to provide you with information about the CREST Red Team Specialist exam. These sample questions will make you very familiar with both the type and the difficulty level of the questions on the CCRTS certification test. To get familiar with real exam environment, we suggest you try our Sample CREST Red Team Specialist Certification Practice Exam. This sample practice exam gives you the feeling of reality and is a clue to the questions asked in the actual CREST Certified Red Team Specialist (CCRTS) certification exam.
These sample questions are simple and basic questions that represent likeness to the real CREST CCRTS exam questions. To assess your readiness and performance with real time scenario based questions, we suggest you prepare with our Premium CREST Red Team Specialist Certification Practice Exam. When you solve real time scenario based questions practically, you come across many difficulties that give you an opportunity to improve.
CREST CCRTS Sample Questions:
01. Scenario: Your C2 traffic is detected due to repetitive, non-browser-like headers in requests. What should you modify?
a) Use Base64 payloads
b) Spoof User-Agent and Accept headers
c) Switch to DNS-only C2
d) Send binary data directly in URL paths
02. Scenario: A login portal is accessible externally and allows unlimited password attempts. What attack vector does this support?
a) Cross-Site Request Forgery
b) DNS rebinding
c) Credential stuffing
d) SQL Injection
03. Credential stuffing relies on ______ passwords being reused across multiple sites.
a) breached
b) random
c) rotated
d) long
04. What is a common reason that red teams use LOLBins (Living-Off-the-Land Binaries)?
a) They are not subject to network filtering
b) They consume fewer resources
c) They are trusted binaries that can execute payloads
d) They are compiled in Go
05. Scenario: During a red team engagement, your HTTP beacon implant is blocked by a new proxy rule mid-operation. What should the implant ideally do next?
a) Uninstall itself
b) Fail silently and stop all communication
c) Alert the SOC
d) Attempt communication over a fallback DNS C2
06. The Windows folder C:\Windows\Tasks\ is commonly associated with the ______ persistence mechanism.
a) Scheduled Tasks
b) Registry hijack
c) WMI hooks
d) Service binary hijack
07. Which DNS misconfigurations could provide attackers with an internal view of the organization’s structure?
a) Open zone transfers
b) Public SPF records
c) Wildcard A records
d) TXT records for DKIM
08. Scenario: After successful C2 setup, the client resets their firewall to block all outbound traffic except port 443. What’s your best option to retain C2 access?
a) Pivot through SMB on port 445
b) Switch to HTTPS beaconing over port 443
c) Use FTP beacon on port 21
d) Drop to ICMP
09. Scenario: You observe that a service binary running as SYSTEM is writable by the current user. What privilege escalation method should you attempt?
a) Overwrite the binary with a reverse shell and restart the service
b) Enable Windows Firewall
c) Create a scheduled task as the user
d) Upload a keylogger
10. Red teamers collect and evaluate publicly available data about a target during the ______ phase.
a) Cleanup
b) Reconnaissance
c) Exploitation
d) Reporting
Answers:
Question: 01
Answer: b |
Question: 02
Answer: c |
Question: 03
Answer: a |
Question: 04
Answer: c |
Question: 05
Answer: d |
Question: 06
Answer: a |
Question: 07
Answer: a, b |
Question: 08
Answer: b |
Question: 09
Answer: a |
Question: 10
Answer: b |
Note: For any error in CREST Certified Red Team Specialist (CCRTS) (CCRTS) certification exam sample questions, please update us by writing an email on feedback@edusum.com.
