ExamGecko
Login
Home / CompTIA / PT0-002 / List of questions
Ask Question

CompTIA PT0-002 Practice Test - Questions Answers, Page 32

Add to Whishlist

List of questions

Question 311

Report Export Collapse

A security analyst is conducting an unknown environment test from 192.168 3.3. The analyst wants to limit observation of the penetration tester's activities and lower the probability of detection by intrusion protection and detection systems. Which of the following Nmap commands should the analyst use to achieve This objective?

Become a Premium Member for full access
  Unlock Premium Member

Question 312

Report Export Collapse

Which of the following tools would be the best to use to intercept an HTTP response at an API, change its content, and forward it back to the origin mobile device?

Become a Premium Member for full access
  Unlock Premium Member

Question 313

Report Export Collapse

A penetration tester executes the following Nmap command and obtains the following output:

CompTIA PT0-002 image Question 313 97442 10022024175321000000

Which of the following commands would best help the penetration tester discover an exploitable service?

Become a Premium Member for full access
  Unlock Premium Member

Question 314

Report Export Collapse

During a vulnerability scanning phase, a penetration tester wants to execute an Nmap scan using custom NSE scripts stored in the following folder:

/home/user/scripts

Which of the following commands should the penetration tester use to perform this scan?

Become a Premium Member for full access
  Unlock Premium Member

Question 315

Report Export Collapse

A penetration tester managed to exploit a vulnerability using the following payload:

IF (1=1) WAIT FOR DELAY '0:0:15'

Which of the following actions would best mitigate this type ol attack?

Become a Premium Member for full access
  Unlock Premium Member

Question 316

Report Export Collapse

Which of the following is the most important aspect to consider when calculating the price of a penetration test service for a client?

Become a Premium Member for full access
  Unlock Premium Member

Question 317

Report Export Collapse

Which of the following should be included in scope documentation?

Become a Premium Member for full access
  Unlock Premium Member

Question 318

Report Export Collapse

Which of the following assessment methods is the most likely to cause harm to an ICS environment?

Become a Premium Member for full access
  Unlock Premium Member

Question 319

Report Export Collapse

Which of the following is most important to include in the final report of a static application-security test that was written with a team of application developers as the intended audience?

Become a Premium Member for full access
  Unlock Premium Member

Question 320

Report Export Collapse

A penetration tester developed the following script to be used during an engagement:

#!/usr/bin/python

import socket, sys

ports = [21, 22, 23, 25, 80, 139, 443, 445, 3306, 3389]

if len(sys.argv) > 1:

target = socket.gethostbyname (sys. argv [0])

else:

print ('Few arguments.')

print ('Syntax: python {} <target ip>'. format (sys. argv [0]))

sys.exit ()

try:

for port in ports:

s = socket. socket (socket. AF_INET, socket. SOCK_STREAM)

s.settimeout (2)

result = s.connect_ex ((target, port) )

if result == 0:

print ('Port {} is opened'. format (port) )

except KeyboardInterrupt:

print ('\nExiting ... ')

sys.exit ()

However, when the penetration tester ran the script, the tester received the following message:

socket.gaierror: [Errno -2] Name or service not known

Which of the following changes should the penetration tester implement to fix the script?

Become a Premium Member for full access
  Unlock Premium Member
Total 464 questions
Go to page: of 47
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A penetration tester gains access to a system and is able to migrate to a user process: Given the output above, which of the following actions is the penetration tester performing? (Choose two.)
After successfully compromising a remote host, a security consultant notices an endpoint protection software is running on the host. Which of the following commands would be best for the consultant to use to terminate the protection software and its child processes?
A penetration tester is conducting an assessment against a group of publicly available web servers and notices a number of TCP resets returning from one of the web servers. Which of the following is MOST likely causing the TCP resets to occur during the assessment?
When accessing the URL http://192.168.0-1/validate/user.php , a penetration tester obtained the following output: ..d index: eid in /apache/www/validate/user.php line 12 ..d index: uid in /apache/www/validate/user.php line 13 ..d index: pw in /apache/www/validate/user.php line 14 ..d index: acl in /apache/www/validate/user.php line 15
A Chief Information Security Officer wants a penetration tester to evaluate the security awareness level of the company's employees. Which of the following tools can help the tester achieve this goal?
An organization is using Android mobile devices but does not use MDM services. Which of the following describes an existing risk present in this scenario?
A penetration tester is conducting an unknown environment test and gathering additional information that can be used for later stages of an assessment. Which of the following would most likely produce useful information for additional testing?
Which of the following components should a penetration tester most likely include in a report at the end of an assessment?
A penetration tester was hired to test Wi-Fi equipment. Which of the following tools should be used to gather information about the wireless network?
A consulting company is completing the ROE during scoping. Which of the following should be included in the ROE?