ExamGecko
Home / CompTIA / PT0-002 / List of questions
Ask Question

CompTIA PT0-002 Practice Test - Questions Answers, Page 36

Add to Whishlist

List of questions

Question 351

Report Export Collapse

A security analyst is conducting an unknown environment test from 192.168.3.3. The analyst wants to limit observation of the penetration tester's activities and lower the probability of detection by intrusion protection and detection systems. Which of the following Nmap commands should the analyst use to achieve this objective?

Become a Premium Member for full access
  Unlock Premium Member

Question 352

Report Export Collapse

A penetration tester is enumerating shares and receives the following output:

CompTIA PT0-002 image Question 352 97481 10022024175321000000

Which of the following should the penetration tester enumerate next?

Become a Premium Member for full access
  Unlock Premium Member

Question 353

Report Export Collapse

In Java and C/C++, variable initialization is critical because:

Become a Premium Member for full access
  Unlock Premium Member

Question 354

Report Export Collapse

A penetration tester fuzzes an internal server looking for hidden services and applications and obtains the following output:

CompTIA PT0-002 image Question 354 97483 10022024175321000000

Which of the following is the most likely explanation for the output?

Become a Premium Member for full access
  Unlock Premium Member

Question 355

Report Export Collapse

A penetration tester wants to find the password for any account in the domain without locking any of the accounts. Which of the following commands should the tester use?

Become a Premium Member for full access
  Unlock Premium Member

Question 356

Report Export Collapse

Which of the following tools would be the best to use to intercept an HTTP response of an API, change its content, and forward it back to the origin mobile device?

Become a Premium Member for full access
  Unlock Premium Member

Question 357

Report Export Collapse

During a client engagement, a penetration tester runs the following Nmap command and obtains the following output:

nmap -sV -- script ssl-enum-ciphers -p 443 remotehost

| TLS_ECDHE_ECDSA_WITH_RC4_128_SHA

| TLS_ECDHE_RSA_WITH_RC4_128_SHA

| TLS_RSA_WITH_RC4_128_SHA (rsa 2048)

TLS_RSA_WITH_RC4_128_MD5 (rsa 2048)

Which of the following should the penetration tester include in the report?

Become a Premium Member for full access
  Unlock Premium Member

Question 358

Report Export Collapse

A penetration tester is preparing a credential stuffing attack against a company's website. Which of the following can be used to passively get the most relevant information?

Become a Premium Member for full access
  Unlock Premium Member

Question 359

Report Export Collapse

During an engagement, a penetration tester was able to upload to a server a PHP file with the following content:

<? php system ($_POST['cmd']) ?>

Which of the following commands should the penetration tester run to successfully achieve RCE?

CompTIA PT0-002 image Question 359 97488 10022024175321000000

Become a Premium Member for full access
  Unlock Premium Member

Question 360

Report Export Collapse

Which of the following is the most common vulnerability associated with loT devices that are directly connected to the internet?

Become a Premium Member for full access
  Unlock Premium Member
Total 464 questions
Go to page: of 47
Search

Related questions