CompTIA PT0-002 Practice Test - Questions Answers, Page 19
A penetration tester ran a simple Python-based scanner. The following is a snippet of the code:

Which of the following BEST describes why this script triggered a `probable port scan` alert in the organization's IDS?

A. sock.settimeout(20) on line 7 caused each next socket to be created every 20 milliseconds.
B. *range(1, 1025) on line 1 populated the portList list in numerical order.
C. Line 6 uses socket.SOCK_STREAM instead of socket.SOCK_DGRAM
D. The remoteSvr variable has neither been type-hinted nor initialized.

Suggested answer: B

Explanation:

Port randomization is widely used in port scanners, because a strictly sequential sweep of ports 1-1024 is an easy pattern for an IDS to flag. By default, Nmap randomizes the scanned port order (except that certain commonly accessible ports are moved near the beginning for efficiency reasons). See https://nmap.org/book/man-port-specification.html

A penetration tester is conducting an authorized, physical penetration test to attempt to enter a client's building during non-business hours. Which of the following are MOST important for the penetration tester to have during the test? (Choose two.)

A. A handheld RF spectrum analyzer
B. A mask and personal protective equipment
C. Caution tape for marking off insecure areas
D. A dedicated point of contact at the client
E. The paperwork documenting the engagement
F. Knowledge of the building's normal business hours

Suggested answer: D, E

Explanation:

Always carry the client's contact information and any documents stating that you are authorized to perform the test, so that the engagement can be verified on the spot if you are challenged.

An assessor wants to run an Nmap scan as quietly as possible. Which of the following commands will give the LEAST chance of detection?

A. nmap -T3 192.168.0.1
B. nmap -P0 192.168.0.1
C. nmap -T0 192.168.0.1
D. nmap -A 192.168.0.1

Suggested answer: C

A final penetration test report has been submitted to the board for review and accepted. The report has three findings rated high. Which of the following should be the NEXT step?

A. Perform a new penetration test.
B. Remediate the findings.
C. Provide the list of common vulnerabilities and exposures.
D. Broaden the scope of the penetration test.

Suggested answer: B

A penetration tester writes the following script:

Which of the following is the tester performing?

A. Searching for service vulnerabilities
B. Trying to recover a lost bind shell
C. Building a reverse shell listening on specified ports
D. Scanning a network for specific open ports

Suggested answer: D

Explanation:

The script uses nc (netcat) with the following options:

-z  zero-I/O mode (used for scanning: connect, report the result, and send no data)
-v  verbose

Example output of the script:

10.0.0.1: inverse host lookup failed: Unknown host
(UNKNOWN) [10.0.0.1] 22 (ssh) open
(UNKNOWN) [10.0.0.1] 23 (telnet) : Connection timed out

See https://unix.stackexchange.com/questions/589561/what-is-nc-z-used-for

A CentOS computer was exploited during a penetration test. During initial reconnaissance, the penetration tester discovered that port 25 was open on an internal Sendmail server. To remain stealthy, the tester ran the following command from the attack machine:

Which of the following would be the BEST command to use for further progress into the targeted network?

A. nc 10.10.1.2
B. ssh 10.10.1.2
C. nc 127.0.0.1 5555
D. ssh 127.0.0.1 5555

Suggested answer: C

A penetration tester utilized Nmap to scan host 64.13.134.52 and received the following results:

Based on the output, which of the following services are MOST likely to be exploited? (Choose two.)

A. Telnet
B. HTTP
C. SMTP
D. DNS
E. NTP
F. SNMP

Suggested answer: B, D

Which of the following provides an exploitation suite with payload modules that cover the broadest range of target system types?

A. Nessus
B. Metasploit
C. Burp Suite
D. Ettercap

Suggested answer: B

Which of the following would a company's hunt team be MOST interested in seeing in a final report?

A. Executive summary
B. Attack TTPs
C. Methodology
D. Scope details

Suggested answer: B

A Chief Information Security Officer wants a penetration tester to evaluate whether a recently installed firewall is protecting a subnetwork on which many decades-old legacy systems are connected. The penetration tester decides to run an OS discovery and a full port scan to identify all the systems and any potential vulnerability. Which of the following should the penetration tester consider BEFORE running a scan?

A. The timing of the scan
B. The bandwidth limitations
C. The inventory of assets and versions
D. The type of scan

Suggested answer: C