A penetration tester would like to obtain FTP credentials by deploying a workstation as an on-path attack between the target and the server that has the FTP protocol. Which of the following methods would be the BEST to accomplish this objective?
A.
Wait for the next login and perform a downgrade attack on the server.
Answer: B. Capture traffic using Wireshark.
Option A is incorrect because a downgrade attack is used to take advantage of a vulnerability in a legacy version of a program to gain access to a system. It is not related to FTP credentials.
Option C is incorrect because a brute-force attack is used to guess a user's password by systematically trying every possible combination of characters until the correct one is found. This does not help in obtaining FTP credentials.
Option D is incorrect because an FTP exploit is used to gain access to a system by exploiting a vulnerability in an FTP server. It is not related to FTP credentials.
Option B is the correct answer because Wireshark is a packet analyzer that can be used to capture and analyze network traffic. A penetration tester can use Wireshark to capture traffic from the server and look for credentials that are sent in plaintext. This is the best way to obtain FTP credentials.
upvoted 3 times
...
This section is not available anymore. Please use the main Exam Page.PT0-002 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Mr_BuCk3th34D
Highly Voted 1 year, 4 months ago[Removed]
Most Recent 5 months, 1 week agoNotAHackerJustYet
1 year, 3 months ago