CompTIA PT0-002 Practice Test - Questions Answers, Page 34

Given the following code:

$p = (80, 110, 25)

$network = (192.168.0)

$range = 1 .. 254

$ErrorActionPreference = 'silentlycontinue'

$Foreach ($add in $range)

$Foreach ($x in $p)

{ {$ip = '{0} . {1} -F $network, $add'

If (Test-Connection -BufferSize 32 -Count 1 -quiet -ComputerName $ip)

{$socket = new-object System.Net. Sockets. TcpClient (&ip, $x)

If ($socket. Connected) { $ip $p open'

$socket. Close () }

}

}}

Which of the following tasks could be accomplished with the script?

A penetration tester is reviewing the security of a web application running in an laaS compute instance. Which of the following payloads should the tester send to get the running process credentials?

HOTSPOT

A penetration tester is performing reconnaissance for a web application assessment. Upon investigation, the tester reviews the robots.txt file for items of interest.

INSTRUCTIONS

Select the tool the penetration tester should use for further investigation.

Select the two entries in the robots.txt file that the penetration tester should recommend for removal.

A security firm is discussing the results of a penetration test with a client. Based on the findings, the client wants to focus the remaining time on a critical network segment. Which of the following best describes the action taking place?

A penetration tester wrote the following script on a compromised system:

#!/bin/bash

network='10.100.100'

ports='22 23 80 443'

for x in {1 .. 254};

do (nc -zv $network.$x $ports );

done

Which of the following would explain using this script instead of another tool?

An executive needs to use Wi-Fi to connect to the company's server while traveling. While looking for available Wi-Fi connections, the executive notices an available access point to a hotel chain that is not available where the executive is staying. Which of the following attacks is the executive most likely experiencing?

During a client engagement, a penetration tester runs the following Nmap command and obtains the following output:

nmap -sV -- script ssl-enum-ciphers -p 443 remotehost

| TLS_ECDHE_ECDSA_WITH_RC4_128_SHA

| TLS_ECDHE_RSA_WITH_RC4_128_SHA

TLS_RSA_WITH_RC4_128_SHA (rsa 2048)

TLS_RSA_WITH_RC4_128_MD5 (rsa 2048)

Which of the following should the penetration tester include in the report?

A penetration tester requested, without express authorization, that a CVE number be assigned for a new vulnerability found on an internal client application. Which of the following did the penetration tester most likely breach?

A client asks a penetration tester to retest its network a week after the scheduled maintenance window. Which of the following is the client attempting to do?