GIAC Red Team Professional (GRTP) Free Practice Test

Question 1

What should be included in a comprehensive red team engagement report?
Response:

A. Marketing strategies for the organization

B. Detailed descriptions of the exploited vulnerabilities

C. Names of employees who failed the security tests

D. The red team's personal opinions on company culture

Correct Answer: B

Question 2

What are key considerations when forming a red team for an engagement?
Multiple Correct Answers
Response:

A. The availability of advanced hacking tools

B. The ability to work undetected within the target organization

C. The skills and expertise of each team member

D. Ensuring a diversity of perspectives and capabilities

Correct Answer: C,D

Question 3

What are critical considerations when testing a malicious payload?
Multiple Correct Answers
Response:

A. The clarity of the payload's source code

B. The payload's compatibility with various operating systems

C. Its undetectability by network intrusion detection systems

D. Its ability to bypass antivirus software

Correct Answer: C,D

Question 4

What factors should be considered when selecting a method for privilege escalation in a target environment?
Multiple Correct Answers
Response:

A. The presence of antivirus or endpoint protection

B. The required time to exploit a given vulnerability

C. The compatibility of the exploit with the target's CPU architecture

D. The level of noise or detectability associated with the method

Correct Answer: A,D

Question 5

In a C2 infrastructure, what role does the 'stager' play?
Response:

A. It establishes the initial connection between the payload and the C2 server.

B. It performs reconnaissance within the compromised network.

C. It wipes traces of activities from the infected host.

D. It encrypts data before exfiltration.

Correct Answer: A

Question 6

What are common evasion techniques used in command and control operations to avoid detection?
Multiple Correct Answers
Response:

A. Use of legitimate websites for data exfiltration

B. Encryption of C2 traffic

C. Rapid rotation of IP addresses

D. Frequent changing of payload signatures

Correct Answer: A,B,D

Question 7

Which attribute of Active Directory user accounts is specifically targeted in a Kerberoasting attack?
Response:

A. The user's Service Principal Name (SPN)

B. The user's logon script path

C. The user's group membership

D. The user's SID

Correct Answer: A

Question 8

What is the primary purpose of lateral movement within a network?
Response:

A. To cause a denial of service in the network infrastructure

B. To gain access to additional systems and expand control within the environment

C. To establish a persistent backdoor in the network

D. To exfiltrate all data immediately from the compromised host

Correct Answer: B

Question 9

In the context of attacking Active Directory, what is the primary goal of a DCSync attack?
Response:

A. To create a replica domain controller in a rogue environment

B. To synchronize directory changes between domain controllers

C. To update Active Directory schema to introduce vulnerabilities

D. To obtain password hashes from the Active Directory database

Correct Answer: D

Question 10

Which attack method targets improperly configured sudo privileges to escalate access on a Linux system?
Response:

A. Kerberoasting

B. Pass-the-Hash

C. SQL injection

D. Sudo exploitation

Correct Answer: D

Question 11

What are the advantages of using a content delivery network (CDN) in an attack infrastructure?
Multiple Correct Answers
Response:

A. Enhanced anonymity for the attacker's operations

B. Simplification of the malware distribution process

C. Decreased latency in command and control communication

D. Increased resilience against DDoS attacks

Correct Answer: A,C,D

Question 12

In the context of attack infrastructure, what is 'pivoting'?
Response:

A. Redirecting phishing emails to a different target audience

B. Rotating cryptographic keys to secure command and control communication

C. Using a compromised system to gain access to other systems in the network

D. Changing the attack vector to exploit different vulnerabilities

Correct Answer: C

Question 13

What is the primary goal of exfiltration in a red team operation?
Response:

A. To discover vulnerabilities

B. To perform privilege escalation

C. To extract and transfer sensitive data out of the target network

D. To perform reconnaissance

Correct Answer: C

Question 14

Which methodology provides a structured approach for testing the efficiency of security controls against a known adversary behavior?
Response:

A. OWASP Testing Guide

B. Red Team Assessment

C. ISO/IEC 27001

D. MITRE ATT&CK Evaluations

Correct Answer: D

Welcome to TestSimulate

GIAC Red Team Professional (GRTP) Free Practice Test