CompTIA PT0-002 Practice Test - Questions Answers, Page 18

A company has recruited a penetration tester to conduct a vulnerability scan over the network. The test is confirmed to be on a known environment. Which of the following would be the BEST option to identify a system properly prior to performing the assessment?

A. Asset inventory
B. DNS records
C. Web-application scan
D. Full scan
Suggested answer: A

A security firm has been hired to perform an external penetration test against a company. The only information the firm received was the company name. Which of the following passive reconnaissance approaches would be MOST likely to yield positive initial results?

A. Specially craft and deploy phishing emails to key company leaders.
B. Run a vulnerability scan against the company's external website.
C. Runtime the company's vendor/supply chain.
D. Scrape web presences and social-networking sites.
Suggested answer: D

A security firm is discussing the results of a penetration test with the client. Based on the findings, the client wants to focus the remaining time on a critical network segment. Which of the following BEST describes the action taking place?

A. Maximizing the likelihood of finding vulnerabilities
B. Reprioritizing the goals/objectives
C. Eliminating the potential for false positives
D. Reducing the risk to the client environment
Suggested answer: B

Explanation:

Goal Reprioritization: Have the goals of the assessment changed? Has any new information been found that might affect the goal or desired end state?

I would also agree with A, because by goal reprioritization you are more likely to find vulnerabilities in this specific segment of critical network, but it is a side effect of goal reprioritization.

Which of the following tools would be BEST suited to perform a manual web application security assessment? (Choose two.)

A. OWASP ZAP
B. Nmap
C. Nessus
D. BeEF
E. Hydra
F. Burp Suite
Suggested answer: A, F

A penetration tester downloaded the following Perl script that can be used to identify vulnerabilities in network switches. However, the script is not working properly.

Which of the following changes should the tester apply to make the script work as intended?

A. Change line 2 to $ip= "10.192.168.254";
B. Remove lines 3, 5, and 6.
C. Remove line 6.
D. Move all the lines below line 7 to the top of the script.
Suggested answer: B

Explanation:

https://www.asc.ohio-state.edu/lewis.239/Class/Perl/perl.html

Example script:

#!/usr/bin/perl
$ip=$argv[1];
attack($ip);
sub attack {
    print("x");
}

A penetration tester finds a PHP script used by a web application in an unprotected internal source code repository. After reviewing the code, the tester identifies the following:

Which of the following combinations of tools would the penetration tester use to exploit this script?

A. Hydra and crunch
B. Netcat and cURL
C. Burp Suite and DIRB
D. Nmap and OWASP ZAP
Suggested answer: B

A penetration tester is conducting a penetration test. The tester obtains a root-level shell on a Linux server and discovers the following data in a file named password.txt in the /home/svsacct directory:

U3VQZXIkM2NyZXQhCg==

Which of the following commands should the tester use NEXT to decode the contents of the file?

A. echo U3VQZXIkM2NyZXQhCg== | base64 -d
B. tar zxvf password.txt
C. hydra -l svsacct -p U3VQZXIkM2NyZXQhCg== ssh://192.168.1.0/24
D. john --wordlist /usr/share/seclists/rockyou.txt password.txt
Suggested answer: A

A penetration tester receives the following results from an Nmap scan:

Which of the following OSs is the target MOST likely running?

A. CentOS
B. Arch Linux
C. Windows Server
D. Ubuntu
Suggested answer: C

Which of the following situations would require a penetration tester to notify the emergency contact for the engagement?

A. The team exploits a critical server within the organization.
B. The team exfiltrates PII or credit card data from the organization.
C. The team loses access to the network remotely.
D. The team discovers another actor on a system on the network.
Suggested answer: D

During an engagement, a penetration tester found the following list of strings inside a file:

Which of the following is the BEST technique to determine the known plaintext of the strings?

A. Dictionary attack
B. Rainbow table attack
C. Brute-force attack
D. Credential-stuffing attack
Suggested answer: B
Total 422 questions