SIMULATIONA penetration tester performs several Nmap scans against the web application for a client.INSTRUCTIONSClick on the WAF and servers to review the results of the Nmap scans. Then click on each tab to select the appropriate vulnerability and remediation options.If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

See the explanation part for detailed solution

A penetration tester enters a command into the shell and receives the following output:C:\Users\UserX\Desktop>vmic service get name, pathname, displayname, startmode | findstr /i auto | findstr /i /v |C:\\Windows\\' I findstr /i /v''VulnerableService Some Vulnerable Service C:\Program Files\A Subfolder\B Subfolder\SomeExecutable.exe AutomaticWhich of the following types of vulnerabilities does this system contain?

Insecure file/folder permissions

Which of the following is the most secure way to protect a final report file when delivering the report to the client/customer?

Asking for a PGP public key to encrypt the file

Creating a link on a cloud service and delivering it by email

Asking for a PGP public key to encrypt the file

Requiring FTPS security to download the file

Copying the file on a USB drive and delivering it by postal mail

A penetration tester was able to gain access to a plaintext file on a user workstation. Upon opening the file, the tester notices some strings of randomly generated text. The tester is able to use these strings to move laterally throughout the network by accessing the fileshare on a web application. Which of the following should the organization do to remediate the issue?

Implement password management solution.

Utilize certificate management.

A penetration tester is hired to test a client's systems. The client's systems are hosted by the client at its headquarters. The production environment is hosted by a private cloud-hosting company. Which of the following would be the most important for the penetration tester to determine before beginning the test?

Physical locations of the infrastructure

A penetration tester runs an Nmap scan and obtains the following output:Starting Nmap 7.80 ( https://nmap.org ) at 2023-02-12 18:53 GMTNmap scan report for 10.22.2.2Host is up (0.0011s latency).PORT STATE SERVICE VERSION135/tcp open msrpc Microsoft Windows RPC139/tcp open netbios-ssn Microsoft Windows netbios-ssn445/tcp open microsoft-ds Microsoft Windows Server 20191433/tcp open ms-sql-s Microsoft SQL Server 20193389/tcp open ms-wbt-server Microsoft Terminal Services8080/tcp open http Microsoft IIS 9.0Which of the following commands should the penetration tester try next to explore this server?

hydra -1 administrator -P passwords.txt ftp://10.22.2.2

nmap -p 3389 ---script vnc-info.nse 10.22.2.2

medusa -h 10.22.2.2 -n 1433 -u sa -P passwords.txt-Mmssql

During an assessment, a penetration tester was able to access the organization's wireless network from outside of the building using a laptop running Aircrack-ng. Which of the following should be recommended to the client to remediate this issue?

Configure to stop broadcasting the SSID

A client evaluating a penetration testing company requests examples of its work. Which of the following represents the best course of action for the penetration testers?

Determine which reports are no longer under a period of confidentiality.

Provide an example report from a prior penetration test engagement.

Allow the client to only view the information while in secure spaces.

Determine which reports are no longer under a period of confidentiality.

Provide raw output from penetration testing tools.

Which of the following describes why scoping and organizational requirements are important when planning a penetration test?

To define the boundaries and objectives

To identify potential risks and threats during testing

To define the boundaries and objectives

To ensure that all vulnerabilities are identified and addressed

To validate the project timeline and resource allocations

During a REST API security assessment, a penetration tester was able to sniff JSON content containing user credentials. The JSON structure was as follows:<transaction_id: '1234S6', content: [ {user_id: 'mrcrowley', password: ['54321#'] b <user_id: 'ozzy',password: ['1112228'] ) ]Assuming that the variable json contains the parsed JSON data, which of the following Python code snippets correctly returns the password for the user ozzy?

json['content'][1]['password'][0]

json['user_id']['password'][0][1]

json['content'][1]['password'][0]

json['content'][0]['password'][1]

A vulnerability assessor is looking to establish a baseline of all IPv4 network traffic on the local VLAN without a local IP address. Which of the following Nmap command sequences would best provide this information?

sudo nmap ---script=bro* -e ethO

sudo nmap -sF ---script=* -e ethO

sudo nmap -sV -sT -p 0-65535 -e ethO

sudo nmap -sV -p 0-65535 0.0.0.0/0

An organization is using Android mobile devices but does not use MDM services. Which of the following describes an existing risk present in this scenario?

Unsigned applications can be installed.

Device log facility does not record actions.

End users have root access by default.

Unsigned applications can be installed.

Push notification services require internet.

A penetration tester is conducting an assessment on a web application. Which of the following active reconnaissance techniques would be best for the tester to use to gather additional information about the application?

Crawling UR Is using an interception proxy

Using cURL with the verbose option

Crawling UR Is using an interception proxy

Using Scapy for crafted requests

Crawling URIs using a web browser

During a vulnerability management process that lasted several months, a security analyst found the number of vulnerabilities in a production web application consistently grew. Which of the following should the analyst do to best remediate this situation?

Implement security scanning during the pipeline for the CI/CD flow.

Perform penetration testing regularly.

Perform a security evaluation based on the OWASP Top 10.

Implement a peer review process during the coding phase.

Implement security scanning during the pipeline for the CI/CD flow.

CompTIA PT0-002 Practice Test 11 - Free Online Exam Prep & Questions

After obtaining a reverse shell connection, a penetration tester runs the following command: www-data@server!2:sudo -1

User www-data may run the following commands on serverl2: (root) NOPASSWD: /usr/bin/vi

Which of the following is the fastest way to escalate privileges on this server?

Become a Premium Member for full access

Unlock Premium Member

CompTIA PT0-002 Practice Test 11

Question

CompTIA PT0-002 Practice Tests

Practice Tests