
CompTIA PT0-002 Practice Test - Questions Answers, Page 2

Which of the following describes the reason why a penetration tester would run the command sdelete mimikatz. * on a Windows server that the tester compromised?

A. To remove hash-cracking registry entries
B. To remove the tester-created Mimikatz account
C. To remove tools from the server
D. To remove a reverse shell from the system
Suggested answer: B

A penetration tester was brute forcing an internal web server and ran a command that produced the following output:

However, when the penetration tester tried to browse the URL http://172.16.100.10:3000/profile, a blank page was displayed.

Which of the following is the MOST likely reason for the lack of output?

A. The HTTP port is not open on the firewall.
B. The tester did not run sudo before the command.
C. The web server is using HTTPS instead of HTTP.
D. This URI returned a server error.
Suggested answer: A

An Nmap scan shows open ports on web servers and databases. A penetration tester decides to run WPScan and SQLmap to identify vulnerabilities and additional information about those systems.

Which of the following is the penetration tester trying to accomplish?

A. Uncover potential criminal activity based on the evidence gathered.
B. Identify all the vulnerabilities in the environment.
C. Limit invasiveness based on scope.
D. Maintain confidentiality of the findings.
Suggested answer: C

A company hired a penetration tester to do a social-engineering test against its employees. Although the tester did not find any employees' phone numbers on the company's website, the tester has learned the complete phone catalog was published there a few months ago.

In which of the following places should the penetration tester look FIRST for the employees' numbers?

A. Web archive
B. GitHub
C. File metadata
D. Underground forums
Suggested answer: A

A penetration tester completed a vulnerability scan against a web server and identified a single but severe vulnerability.

Which of the following is the BEST way to ensure this is a true positive?

A. Run another scanner to compare.
B. Perform a manual test on the server.
C. Check the results on the scanner.
D. Look for the vulnerability online.
Suggested answer: B

A company's Chief Executive Officer has created a secondary home office and is concerned that the WiFi service being used is vulnerable to an attack. A penetration tester is hired to test the security of the WiFi's router.

Which of the following is MOST vulnerable to a brute-force attack?

A. WPS
B. WPA2-EAP
C. WPA-TKIP
D. WPA2-PSK
Suggested answer: A

Explanation:

Reference: https://us-cert.cisa.gov/ncas/alerts/TA12-006A

A penetration tester ran the following commands on a Windows server:

Which of the following should the tester do AFTER delivering the final report?

A. Delete the scheduled batch job.
B. Close the reverse shell connection.
C. Downgrade the svsaccount permissions.
D. Remove the tester-created credentials.
Suggested answer: D

A penetration tester is starting an assessment but only has publicly available information about the target company. The client is aware of this exercise and is preparing for the test.

Which of the following describes the scope of the assessment?

A. Partially known environment testing
B. Known environment testing
C. Unknown environment testing
D. Physical environment testing
Suggested answer: C

A client wants a security assessment company to perform a penetration test against its hot site. The purpose of the test is to determine the effectiveness of the defenses that protect against disruptions to business continuity. Which of the following is the MOST important action to take before starting this type of assessment?

A. Ensure the client has signed the SOW.
B. Verify the client has granted network access to the hot site.
C. Determine if the failover environment relies on resources not owned by the client.
D. Establish communication and escalation procedures with the client.
Suggested answer: A

Explanation:

The statement of work (SOW) is a document that defines the scope, objectives, deliverables, and timeline of a penetration testing engagement. It is important to have the client sign the SOW before starting the assessment to avoid any legal or contractual issues.

Performing a penetration test against an environment with SCADA devices brings additional safety risk because the:

A. devices produce more heat and consume more power.
B. devices are obsolete and are no longer available for replacement.
C. protocols are more difficult to understand.
D. devices may cause physical world effects.
Suggested answer: D

Explanation:

"A significant issue identified by Wiberg is that using active network scanners, such as Nmap, presents a weakness when attempting port recognition or service detection on SCADA devices. Wiberg states that active tools such as Nmap can use unusual TCP segment data to try and find available ports. Furthermore, they can open a massive amount of connections with a specific SCADA device but then fail to close them gracefully." And since SCADA and ICS devices are designed and implemented with little attention having been paid to the operational security of these devices and their ability to handle errors or unexpected events, the presence of idle open connections may result in errors that cannot be handled by the devices.

Reference: https://www.hindawi.com/journals/scn/2018/3794603/

Total 422 questions