Professional Documents
Culture Documents
Sturtle Security Exam Dumps
Sturtle Security Exam Dumps
Examinaton Portal
C-VA
Best Of Luck For Exam
RESULT'S
YOUR ANSWER'S
1 .) While testing an application, you notice that the server implements rate limiting based
on the X-Forwarded-For header to restrict the number of requests from a single IP. To
bypass this restriction and test for rate limit vulnerabilities, which feature of Burp Suite
can you use to systematically change the X-Forwarded-For header in each request?
Answer : Sequencer
2 .) Suppose you are testing an application that implements content security policy (CSP)
via the Content-Security-Policy HTTP header. You need to evaluate the policy's
effectiveness against XSS attacks by observing how the application behaves when this
header is modified or removed. Which Burp Suite feature would allow you to intercept and
alter HTTP requests and responses in real-time to remove or alter the Content-Security-
Policy header?
Answer : Intruder
3 .) During a penetration test, you intercept a request in Burp Suite and notice that the
application is vulnerable to XML External Entity (XXE) injection. What potential impact
could exploiting this vulnerability have on the target system?
4 .) During a penetration test, you intercept a request in Burp Suite and notice that the
application is vulnerable to Server-Side Template Injection (SSTI). What potential impact
could exploiting this vulnerability have on the target system?
5 .) During a penetration test, you successfully exploit a vulnerability in the target system
and gain unauthorized access. What should be your immediate next step?
6 .) While analyzing traffic in Burp Suite, you identify a parameter that is vulnerable to SQL
injection. What could be an appropriate action to validate this vulnerability?
STURTLE
Answer : Manually modify the parameter SECURITY
to include SQL injection payloads.
Examinaton Portal
7 .) You conduct an Nmap scan and discover that a target server is running an outdated
version of the Apache web server software. What vulnerability might this expose the
server to?
8 .) During a penetration test, you intercept a request in Burp Suite and notice that the
application is vulnerable to Insecure Direct Object References (IDOR). What potential
impact could exploiting this vulnerability have on the target system?
9 .) After running an Nmap scan, you find that a server has port 22 open. What
vulnerability assessment technique could you use to probe for potential weaknesses on
this port?
Answer : Exploitation
10 .) In Burp Suite scan results, you observe that the web application is vulnerable to
Cross-Site Scripting (XSS) attacks via unsanitized user input. Which type of XSS attack
allows an attacker to steal cookies from authenticated users?
11 .) After conducting an Nmap scan, you find that a target system has port 1521 open.
What vulnerability might this indicate?
12 .) While analyzing HTTP headers in Burp Suite, you identify that the application is not
setting the X-Content-Type-Options header. What vulnerability does this lack of security
control expose the application to?
13 .) While analyzing Burp Suite results, you identify a hidden parameter in a web
application's POST request. What potential security issue could this hidden parameter
present?
14 .) After conducting an Nmap scan, you find that a target system has ports 25, 110, and
143 open. What vulnerability might this indicate?
16 .) After running an Nmap scan on the target network, you identify that several systems
have ports 135, 139, and 445 open. What common vulnerability might be exploited on
these systems?
Answer : Heartbleed
17 .) During a penetration test, you intercept a request in Burp Suite and notice that the
application is vulnerable to Insecure Direct Object References (IDOR). What potential
impact could exploiting this vulnerability have on the target system?
18 .) While examining Burp Suite results, you notice that the application's HTTP response
headers lack security-related flags such as X-Frame-Options and Content-Security-Policy.
What type of attack might this vulnerability expose the application to?
19 .) You are tasked with auditing a web application for security issues related to session
management. You notice that the Set-Cookie response header from the login page
contains a Secure flag, but lacks the HttpOnly flag. To systematically test the implications
of this configuration for session hijacking and XSS vulnerabilities, which Burp Suite tool
would you use to automate sending of requests while tracking the session cookies?
Answer : Intruder
20 .) You run an Nmap scan and find that a target system has port 1433 open. What
vulnerability might this indicate?
21 .) While analyzing HTTP responses in Burp Suite, you identify that the application is
vulnerable to Server-Side Request Forgery (SSRF). What could be a potential exploitation
scenario based on this vulnerability?
22 .) During a penetration test, you intercept a request in Burp Suite and notice that the
application is vulnerable to Server-Side Request Forgery (SSRF). What could be a potential
exploitation scenario based on this vulnerability?
Answer : Decoder
24 .) You intercept a request in Burp Suite and notice that the application is vulnerable to
XML External Entity (XXE) injection. What kind of attack can be executed through this
vulnerability?
25 .) You intercept a request in Burp Suite and notice that the application is vulnerable to
SQL injection. What type of SQL injection attack would you perform to retrieve sensitive
information from the database?
26 .) During a penetration test, you intercept a request in Burp Suite and notice that the
application is vulnerable to XML External Entity (XXE) injection. What kind of attack can be
executed through this vulnerability?
27 .) After conducting an Nmap scan, you find that a target system has port 3389 open.
What vulnerability might this indicate?
28 .) After conducting an Nmap scan, you find that a target system has ports 80, 443, and
8080 open. What potential exploitation scenario could you investigate based on these
findings?
29 .) After conducting an Nmap scan, you find that a target system has port 3306 open.
What vulnerability might this indicate?
30 .) You are assessing a web application that employs a strict same-origin policy with
CORS implemented via the Access-Control-Allow-Origin header. To test for
misconfigurations that might allow unauthorized cross-origin requests, which Burp Suite
tool would be most effective for modifying origin headers in requests and observing the
application's responses?
Answer : Repeater STURTLE SECURITY
Examinaton Portal
31 .) While analyzing HTTP headers in Burp Suite, you notice that the application is not
setting the Secure and HttpOnly flags on session cookies. What vulnerability does this
lack of security controls expose the application to?
33 .) After conducting an Nmap scan, you find that a target system has ports 21, 22, and
23 open. What vulnerability might this indicate?
Answer : Vulnerability to unauthorized access through FTP, SSH, and Telnet services
34 .) After conducting an Nmap scan, you discover that a target server has ports 80, 443,
and 8080 open. What could be a potential exploitation scenario based on these findings?
35 .) During a penetration test, you identify a web page that reflects user input in HTTP
response headers without proper sanitization. You suspect this behavior could be
exploited to perform HTTP Response Splitting attacks. Which of the following Burp Suite
components would be most effective for testing this hypothesis by crafting payloads that
manipulate response headers?
Answer : Repeater
Score
21 / 35
Percentage
60.00%
C-VA
Best Of Luck For Exam
RESULT'S
YOUR ANSWER'S
1 .) After conducting an Nmap scan, you find that a target system has port 3306 open.
What vulnerability might this indicate?
2 .) During a penetration test, you identify a web page that reflects user input in HTTP
response headers without proper sanitization. You suspect this behavior could be
exploited to perform HTTP Response Splitting attacks. Which of the following Burp
Suite components would be most effective for testing this hypothesis by crafting
payloads that manipulate response headers?
Answer : Repeater
3 .) During a penetration test, you intercept a request in Burp Suite and notice that
the application is vulnerable to Server-Side Template Injection (SSTI). What potential
impact could exploiting this vulnerability have on the target system?
4 .) After conducting an Nmap scan, you find that a target system has port 3389 open.
What vulnerability might this indicate?
5 .) After conducting an Nmap scan, you find that a target system has port 1521 open.
What vulnerability might this indicate?
6 .) While testing an application, you notice that the server implements rate limiting
based on the X-Forwarded-For header to restrict the number of requests from a single
IP. To bypass this restriction and test for rate limit vulnerabilities, which feature of
Burp Suite can you use to systematically change the X-Forwarded-For header in each
request?
Answer : Intruder
7 .) A multinational corporation, renowned for its proprietary software, experiences a
data breach. Upon investigation, it's revealed that an attacker exploited a
vulnerability in the software's outdated third-party library. What should the
vulnerability analyst recommend to prevent similar incidents in the future?
8 .) While performing an analysis of a web application through Burp Suite, you notice
the server returns an unusual HTTP header, X-Custom-IP-Authorization, in responses
to specific requests. To further explore potential vulnerabilities, which feature of Burp
Suite should you primarily use to manipulate and resend modified versions of these
requests with various X-Custom-IP-Authorization header values?
Answer : Repeater
9 .) After conducting an Nmap scan, you find that a target system has ports 21, 22,
and 23 open. What vulnerability might this indicate?
Answer : Vulnerability to unauthorized access through FTP, SSH, and Telnet services
10 .) After running an Nmap scan, you find that a server has port 22 open. What
vulnerability assessment technique could you use to probe for potential weaknesses
on this port?
11 .) While examining Burp Suite results, you notice that the application's HTTP
response headers lack security-related flags such as X-Frame-Options and Content-
Security-Policy. What type of attack might this vulnerability expose the application
to?
Answer : Clickjacking
12 .) While analyzing HTTP headers in Burp Suite, you identify that the application is
not setting the X-Content-Type-Options header. What vulnerability does this lack of
security control expose the application to?
14 .) Imagine you are conducting a penetration test and discover that the application
under test relies on custom encryption for data in a specific HTTP header, X-
Encrypted-Data, for sensitive operations. You wish to decrypt this data to test for
potential vulnerabilities in how the application processes the decrypted information.
Which Burp Suite tool should you use to decode and analyze the X-Encrypted-Data
header value?
Answer : Decoder
15 .) While analyzing traffic in Burp Suite, you identify a parameter that is vulnerable
to SQL injection. What could be an appropriate action to validate this vulnerability?
16 .) During a penetration test, you intercept a request in Burp Suite and notice that
the application is vulnerable to Insecure Direct Object References (IDOR). What
potential impact could exploiting this vulnerability have on the target system?
17 .) You run an Nmap scan and find that a target system has port 1433 open. What
vulnerability might this indicate?
18 .) During a penetration test, you intercept a request in Burp Suite and notice that
the application is vulnerable to XML External Entity (XXE) injection. What potential
impact could exploiting this vulnerability have on the target system?
19 .) During a penetration test, you intercept a request in Burp Suite and notice that
the application is vulnerable to Server-Side Request Forgery (SSRF). What could be a
potential exploitation scenario based on this vulnerability?
20 .) During a web application penetration test, you observe that the login page does
not implement any session management controls, allowing users to maintain access
without re-authenticating. What vulnerability does this scenario represent?
21 .) While conducting a vulnerability assessment, you discover that the target system
is vulnerable to a buffer overflow attack due to insufficient input validation. What
type of security vulnerability does this represent?
22 .) You are assessing a web application that employs a strict same-origin policy with
CORS implemented via the Access-Control-Allow-Origin header. To test for
misconfigurations that might allow unauthorized cross-origin requests, which Burp
Suite tool would be most effective for modifying origin headers in requests and
observing the application's responses?
Answer : Proxy
23 .) Suppose you are testing an application that implements content security policy
(CSP) via the Content-Security-Policy HTTP header. You need to evaluate the policy's
effectiveness against XSS attacks by observing how the application behaves when this
header is modified or removed. Which Burp Suite feature would allow you to
intercept and alter HTTP requests and responses in real-time to remove or alter the
Content-Security-Policy header?
Answer : Proxy
24 .) While analyzing HTTP headers in Burp Suite, you notice that the application is
not setting the Secure and HttpOnly flags on session cookies. What vulnerability does
this lack of security controls expose the application to?
25 .) During a penetration test, you intercept a request in Burp Suite and notice that
the application is vulnerable to Insecure Direct Object References (IDOR). What
potential impact could exploiting this vulnerability have on the target system?
26 .) You run an Nmap scan and find that a target server has port 21 open. What
vulnerability assessment technique could you use to further investigate potential
weaknesses on this port?
Answer : Exploitation
27 .) During a penetration test, you intercept a request in Burp Suite and notice that
the application is vulnerable to XML External Entity (XXE) injection. What kind of
attack can be executed through this vulnerability?
28 .) While analyzing Burp Suite results, you identify a hidden parameter in a web
application's POST request. What potential security issue could this hidden parameter
present?
29 .) While analyzing HTTP responses in Burp Suite, you identify that the application
is vulnerable to Server-Side Request Forgery (SSRF). What could be a potential
exploitation scenario based on this vulnerability?
30 .) You conduct an Nmap scan and discover that a target server is running an
outdated version of the Apache web server software. What vulnerability might this
expose the server to?
Answer : Remote Code Execution (RCE)
31 .) You are tasked with auditing a web application for security issues related to
session management. You notice that the Set-Cookie response header from the login
page contains a Secure flag, but lacks the HttpOnly flag. To systematically test the
implications of this configuration for session hijacking and XSS vulnerabilities, which
Burp Suite tool would you use to automate sending of requests while tracking the
session cookies?
Answer : Intruder
32 .) After conducting an Nmap scan, you discover that a target server has ports 80,
443, and 8080 open. What could be a potential exploitation scenario based on these
findings?
33 .) After running an Nmap scan on the target network, you identify that several
systems have ports 135, 139, and 445 open. What common vulnerability might be
exploited on these systems?
34 .) You intercept a request in Burp Suite and notice that the application is vulnerable
to SQL injection. What type of SQL injection attack would you perform to retrieve
sensitive information from the database?
35 .) After conducting an Nmap scan, you find that a target system has ports 80, 443,
and 8080 open. What potential exploitation scenario could you investigate based on
these findings?
Score
27 / 35
Percentage
77.14%