The purpose of this Sample Question Set is to provide you with information about the CREST Tester Infrastructure exam. These sample questions will make you very familiar with both the type and the difficulty level of the questions on the CCT INF certification test. To get familiar with real exam environment, we suggest you try our Sample CREST Tester Infrastructure Certification Practice Exam. This sample practice exam gives you the feeling of reality and is a clue to the questions asked in the actual CREST Certified Tester - Infrastructure (CCT INF) certification exam.
These sample questions are simple and basic questions that represent likeness to the real CREST CCT INF exam questions. To assess your readiness and performance with real time scenario based questions, we suggest you prepare with our Premium CREST Tester Infrastructure Certification Practice Exam. When you solve real time scenario based questions practically, you come across many difficulties that give you an opportunity to improve.
CREST CCT INF Sample Questions:
01. What is the main objective of a Rules of Engagement (RoE) document during a penetration test?
a) To list vulnerabilities found during assessment
b) To define the target’s firewall settings
c) To establish scope, permissions, and constraints for testing
d) To provide daily reports to stakeholders
02. You gain access to a standard user account on macOS. You run sudo -l and see the user can run /usr/bin/open as root without a password. What is a viable path to privilege escalation?
a) Open Terminal.app using sudo open -a Terminal.app
b) Dump the keychain using netstat
c) Use Finder to change file ownerships
d) Disable SIP
03. BitLocker is Microsoft’s implementation of ______.
a) Memory sanitization
b) Full disk encryption
c) BIOS rollback
d) Code signing
04. From this list, which protocol provides the highest level of security on a wireless network?
a) WPA / TKIP
b) UMTS
c) WTLS
d) WEP
e) WPA / AES
05. Scenario: While testing an enterprise router, you discover that SNMP is enabled and accessible using the community string public. No authentication is required.
What is the most appropriate next step?
a) Change the community string to "private"
b) Exploit the router via telnet
c) Query the SNMP service for system and network data
d) Disable SNMP and reconfigure logging
06. The IEEE 802.1Q standard is used to implement ______ tagging in Ethernet frames.
a) VLAN
b) DNS
c) IP
d) SSL
07. Which of the following is NOT a default authority in Active Directory?
a) Backup Operator
b) Workstation Operator
c) Server Operator
d) Account Operator
e) Print Operator
08. During a scoping meeting, which factor is critical for defining the technical boundaries of the test?
a) Number of testers involved
b) Third-party liability coverage
c) IP address ranges in scope
d) Contract signature date
09. Which of the following is not a valid key length for the AES encryption algorithm?
a) 192 bits
b) 128 bits
c) 256 bits
d) 168 bits
e) All of the above
10. The act of using a compromised host to route traffic to internal systems is known as ______.
a) Pivoting
b) Probing
c) Enumeration
d) Packet injection
Answers:
Question: 01
Answer: c |
Question: 02
Answer: a |
Question: 03
Answer: b |
Question: 04
Answer: e |
Question: 05
Answer: c |
Question: 06
Answer: a |
Question: 07
Answer: b |
Question: 08
Answer: c |
Question: 09
Answer: d |
Question: 10
Answer: a |
Note: For any error in CREST Certified Tester - Infrastructure (CCT INF) (CCT INF) certification exam sample questions, please update us by writing an email on feedback@edusum.com.
