CompTIA PT0-002 Practice Test - Questions Answers, Page 16

Which of the following types of information would MOST likely be included in an application security assessment report addressed to developers? (Choose two.)

A. Use of non-optimized sort functions
B. Poor input sanitization
C. Null pointer dereferences
D. Non-compliance with code style guide
E. Use of deprecated Javadoc tags
F. A cyclomatic complexity score of 3
Suggested answer: B, C

A penetration tester has found indicators that a privileged user's password might be the same on 30 different Linux systems. Which of the following tools can help the tester identify the number of systems on which the password can be used?

A. Hydra
B. John the Ripper
C. Cain and Abel
D. Medusa
Suggested answer: D

Explanation:

Both Hydra and Medusa can be used for that same purpose:

THC Hydra is a brute-force cracking tool for remote authentication services. It supports many protocols, including telnet, FTP, LDAP, SSH, SNMP, and others.

Medusa is a parallel, modular and speedy brute-force tool used against remote authentication services. Its features include a modular design, thread-based parallel testing and flexible user input, and the protocols it supports include AFP, CVS, FTP, HTTP, IMAP, etc.

A penetration tester was able to compromise a server and escalate privileges. Which of the following should the tester perform AFTER concluding the activities on the specified target? (Choose two.)

A. Remove the logs from the server.
B. Restore the server backup.
C. Disable the running services.
D. Remove any tools or scripts that were installed.
E. Delete any created credentials.
F. Reboot the target server.
Suggested answer: D, E

During a penetration test, the domain names, IP ranges, hosts, and applications are defined in the:

A. SOW.
B. SLA.
C. ROE.
D. NDA.
Suggested answer: C

Explanation:

https://mainnerve.com/what-are-rules-of-engagement-in-pentesting/#:~:text=The%20ROE%20includes%20the%20dates,limits%2C%20or%20out%20of%20scope.

A penetration tester has established an on-path position between a target host and local network services but has not been able to establish an on-path position between the target host and the Internet. Regardless, the tester would like to subtly redirect HTTP connections to a spoofed server IP.

Which of the following methods would BEST support the objective?

A. Gain access to the target host and implant malware specially crafted for this purpose.
B. Exploit the local DNS server and add/update the zone records with a spoofed A record.
C. Use the Scapy utility to overwrite name resolution fields in the DNS query response.
D. Proxy HTTP connections from the target host to that of the spoofed host.
Suggested answer: D

A Chief Information Security Officer wants to evaluate the security of the company's e-commerce application. Which of the following tools should a penetration tester use FIRST to obtain relevant information from the application without triggering alarms?

A. SQLmap
B. DirBuster
C. w3af
D. OWASP ZAP
Suggested answer: C

Explanation:

W3AF, the Web Application Attack and Audit Framework, is an open source web application security scanner that includes directory and filename brute-forcing in its list of capabilities.

Which of the following documents must be signed between the penetration tester and the client to govern how any provided information is managed before, during, and after the engagement?

A. MSA
B. NDA
C. SOW
D. ROE
Suggested answer: B

A penetration tester needs to upload the results of a port scan to a centralized security tool. Which of the following commands would allow the tester to save the results in an interchangeable format?

A. nmap -iL results 192.168.0.10-100
B. nmap 192.168.0.10-100 -O > results
C. nmap -A 192.168.0.10-100 -oX results
D. nmap 192.168.0.10-100 | grep "results"
Suggested answer: C

An Nmap scan of a network switch reveals the following:

Which of the following technical controls will most likely be the FIRST recommendation for this device?

A. Encrypted passwords
B. System-hardening techniques
C. Multifactor authentication
D. Network segmentation
Suggested answer: B

A penetration tester, who is doing an assessment, discovers an administrator has been exfiltrating proprietary company information. The administrator offers to pay the tester to keep quiet. Which of the following is the BEST action for the tester to take?

A. Check the scoping document to determine if exfiltration is within scope.
B. Stop the penetration test.
C. Escalate the issue.
D. Include the discovery and interaction in the daily report.
Suggested answer: B

Explanation:

"Another reason to communicate with the customer is to let the customer know if something unexpected arises while doing the pentest, such as if a critical vulnerability is found on a system, a new target system is found that is outside the scope of the penetration test targets, or a security breach is discovered when doing the penetration test. You will need to discuss how to handle such discoveries and who to contact if those events occur. In case of such events, you typically stop the pentest temporarily to discuss the issue with the customer, then resume once a resolution has been determined."

Total 422 questions