ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam PT0-002 All Questions

View all questions & answers for the PT0-002 exam
Go to Exam

Exam PT0-002 topic 1 question 214 discussion

Actual exam question from CompTIA's PT0-002
Question #: 214
Topic #: 1
[All PT0-002 Questions]

A penetration tester successfully performed an exploit on a host and was able to hop from VLAN 100 to VLAN 200. VLAN 200 contains servers that perform financial transactions, and the penetration tester now wants the local interface of the attacker machine to have a static ARP entry in the local cache. The attacker machine has the following:


IP Address: 192.168.1.63 -
Physical Address: 60-36-dd-a6-c5-33

Which of the following commands would the penetration tester MOST likely use in order to establish a static ARP entry successfully?

  • A. tcpdump -i eth01 arp and arp[6:2] == 2
  • B. arp -s 192.168.1.63 60-36-DD-A6-C5-33
  • C. ipconfig /all findstr /v 00-00-00 | findstr Physical
  • D. route add 192.168.1.63 mask 255.255.255.255.0 192.168.1.1
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by 2Fish at Feb. 10, 2023, 5:29 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Etc_Shadow28000
10 months, 1 week ago
Selected Answer: B
B. arp -s 192.168.1.63 60-36-DD-A6-C5-33 Explanation: The arp command is used to manipulate the ARP cache. The -s flag allows you to add a static ARP entry. This command associates the IP address 192.168.1.63 with the physical (MAC) address 60-36-DD-A6-C5-33 in the ARP cache.
upvoted 1 times
...
pepgua
11 months ago
The MOST likely command for the penetration tester to use is: B. arp -s 192.168.1.63 60-36-DD-A6-C5-33 The arp -s command is specifically designed for setting static ARP entries. Here's a breakdown of the arguments: arp: The command itself to manipulate the ARP cache. -s: Flag to specify setting a static ARP entry. 192.168.1.63: The IP address of the attacker's machine. 60-36-DD-A6-C5-33: The MAC address of the attacker's machine. By running this command, the penetration tester creates a static ARP entry in the local ARP cache, associating the attacker's IP address (192.168.1.63) with its MAC address (60-36-DD-A6-C5-33). This can potentially help the attacker maintain a connection within VLAN 200 by ensuring network packets are routed correctly based on the spoofed MAC address.
upvoted 1 times
...
cy_analyst
2 years, 2 months ago
Selected Answer: B
This command creates a static ARP entry that associates the IP address 192.168.1.63 with the physical address 60-36-DD-A6-C5-33. This means that any traffic destined for 192.168.1.63 will be sent directly to the specified physical address, without the need for ARP resolution.
upvoted 3 times
...
2Fish
2 years, 2 months ago
Selected Answer: B
B, is correct. https://www.xmodulo.com/how-to-add-or-remove-static-arp-entry-on-linux.html
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago