ExamGecko
Login
Home / CompTIA / PT0-002 / List of questions
Ask Question

CompTIA PT0-002 Practice Test - Questions Answers, Page 2

Add to Whishlist

List of questions

Question 11

Report Export Collapse

Which of the following describes the reason why a penetration tester would run the command sdelete mimikatz. * on a Windows server that the tester compromised?

To remove hash-cracking registry entries
To remove hash-cracking registry entries
To remove the tester-created Mimikatz account
To remove the tester-created Mimikatz account
To remove tools from the server
To remove tools from the server
To remove a reverse shell from the system
To remove a reverse shell from the system
Suggested answer: B
asked 02/10/2024
Danilo Romelli
61 questions

Question 12

Report Export Collapse

A penetration tester was brute forcing an internal web server and ran a command that produced the following output:

CompTIA PT0-002 image Question 12 97141 10022024175320000000

However, when the penetration tester tried to browse the URL http://172.16.100.10:3000/profile, a blank page was displayed.

Which of the following is the MOST likely reason for the lack of output?

The HTTP port is not open on the firewall.
The HTTP port is not open on the firewall.
The tester did not run sudo before the command.
The tester did not run sudo before the command.
The web server is using HTTPS instead of HTTP.
The web server is using HTTPS instead of HTTP.
This URI returned a server error.
This URI returned a server error.
Suggested answer: A
asked 02/10/2024
Corey Workman
39 questions

Question 13

Report Export Collapse

An Nmap scan shows open ports on web servers and databases. A penetration tester decides to run WPScan and SQLmap to identify vulnerabilities and additional information about those systems.

Which of the following is the penetration tester trying to accomplish?

Uncover potential criminal activity based on the evidence gathered.
Uncover potential criminal activity based on the evidence gathered.
Identify all the vulnerabilities in the environment.
Identify all the vulnerabilities in the environment.
Limit invasiveness based on scope.
Limit invasiveness based on scope.
Maintain confidentiality of the findings.
Maintain confidentiality of the findings.
Suggested answer: C
asked 02/10/2024
Anshul Vyas
48 questions

Question 14

Report Export Collapse

A company hired a penetration tester to do a social-engineering test against its employees. Although the tester did not find any employees' phone numbers on the company's website, the tester has learned the complete phone catalog was published there a few months ago.

In which of the following places should the penetration tester look FIRST for the employees' numbers?

Web archive
Web archive
GitHub
GitHub
File metadata
File metadata
Underground forums
Underground forums
Suggested answer: A
asked 02/10/2024
Pouyan Bani Shahabadi
35 questions

Question 15

Report Export Collapse

A penetration tester completed a vulnerability scan against a web server and identified a single but severe vulnerability.

Which of the following is the BEST way to ensure this is a true positive?

Run another scanner to compare.
Run another scanner to compare.
Perform a manual test on the server.
Perform a manual test on the server.
Check the results on the scanner.
Check the results on the scanner.
Look for the vulnerability online.
Look for the vulnerability online.
Suggested answer: B
asked 02/10/2024
Dario Esposito
42 questions

Question 16

Report Export Collapse

A company's Chief Executive Officer has created a secondary home office and is concerned that the

WiFi service being used is vulnerable to an attack. A penetration tester is hired to test the security of the WiFi's router.

Which of the following is MOST vulnerable to a brute-force attack?

WPS
WPS
WPA2-EAP
WPA2-EAP
WPA-TKIP
WPA-TKIP
WPA2-PSK
WPA2-PSK
Suggested answer: A
Explanation:

Reference: https://us-cert.cisa.gov/ncas/alerts/TA12-006A

asked 02/10/2024
Francesco Facco
34 questions

Question 17

Report Export Collapse

A penetration tester ran the following commands on a Windows server:

CompTIA PT0-002 image Question 17 97146 10022024175320000000

Which of the following should the tester do AFTER delivering the final report?

Delete the scheduled batch job.
Delete the scheduled batch job.
Close the reverse shell connection.
Close the reverse shell connection.
Downgrade the svsaccount permissions.
Downgrade the svsaccount permissions.
Remove the tester-created credentials.
Remove the tester-created credentials.
Suggested answer: D
asked 02/10/2024
richard van der sligte
38 questions

Question 18

Report Export Collapse

A penetration tester is starting an assessment but only has publicly available information about the target company. The client is aware of this exercise and is preparing for the test.

Which of the following describes the scope of the assessment?

Partially known environment testing
Partially known environment testing
Known environment testing
Known environment testing
Unknown environment testing
Unknown environment testing
Physical environment testing
Physical environment testing
Suggested answer: C
asked 02/10/2024
Ty Murray
47 questions

Question 19

Report Export Collapse

A client wants a security assessment company to perform a penetration test against its hot site. The purpose of the test is to determine the effectiveness of the defenses that protect against disruptions to business continuity. Which of the following is the MOST important action to take before starting this type of assessment?

Ensure the client has signed the SOW.
Ensure the client has signed the SOW.
Verify the client has granted network access to the hot site.
Verify the client has granted network access to the hot site.
Determine if the failover environment relies on resources not owned by the client.
Determine if the failover environment relies on resources not owned by the client.
Establish communication and escalation procedures with the client.
Establish communication and escalation procedures with the client.
Suggested answer: A
Explanation:

The statement of work (SOW) is a document that defines the scope, objectives, deliverables, and timeline of a penetration testing engagement. It is important to have the client sign the SOW before starting the assessment to avoid any legal or contractual issues.

asked 02/10/2024
Ronald Zegwaard
34 questions

Question 20

Report Export Collapse

Performing a penetration test against an environment with SCADA devices brings additional safety risk because the:

devices produce more heat and consume more power.
devices produce more heat and consume more power.
devices are obsolete and are no longer available for replacement.
devices are obsolete and are no longer available for replacement.
protocols are more difficult to understand.
protocols are more difficult to understand.
devices may cause physical world effects.
devices may cause physical world effects.
Suggested answer: D
Explanation:

"A significant issue identified by Wiberg is that using active network scanners, such as Nmap, presents a weakness when attempting port recognition or service detection on SCADA devices. Wiberg states that active tools such as Nmap can use unusual TCP segment data to try and find available ports. Furthermore, they can open a massive amount of connections with a specific SCADA device but then fail to close them gracefully." And since SCADA and ICS devices are designed and implemented with little attention having been paid to the operational security of these devices and their ability to handle errors or unexpected events, the presence idle open connections may result into errors that cannot be handled by the devices.

Reference: https://www.hindawi.com/journals/scn/2018/3794603/

asked 02/10/2024
Pachara Suwannasit
37 questions
Total 464 questions
Go to page: of 47
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A penetration tester gains access to a system and is able to migrate to a user process: Given the output above, which of the following actions is the penetration tester performing? (Choose two.)
After successfully compromising a remote host, a security consultant notices an endpoint protection software is running on the host. Which of the following commands would be best for the consultant to use to terminate the protection software and its child processes?
A penetration tester is conducting an assessment against a group of publicly available web servers and notices a number of TCP resets returning from one of the web servers. Which of the following is MOST likely causing the TCP resets to occur during the assessment?
When accessing the URL http://192.168.0-1/validate/user.php , a penetration tester obtained the following output: ..d index: eid in /apache/www/validate/user.php line 12 ..d index: uid in /apache/www/validate/user.php line 13 ..d index: pw in /apache/www/validate/user.php line 14 ..d index: acl in /apache/www/validate/user.php line 15
A Chief Information Security Officer wants a penetration tester to evaluate the security awareness level of the company's employees. Which of the following tools can help the tester achieve this goal?
An organization is using Android mobile devices but does not use MDM services. Which of the following describes an existing risk present in this scenario?
A penetration tester is conducting an unknown environment test and gathering additional information that can be used for later stages of an assessment. Which of the following would most likely produce useful information for additional testing?
Which of the following components should a penetration tester most likely include in a report at the end of an assessment?
A penetration tester was hired to test Wi-Fi equipment. Which of the following tools should be used to gather information about the wireless network?
A consulting company is completing the ROE during scoping. Which of the following should be included in the ROE?