CompTIA PT0-002 Practice Test - Questions Answers, Page 42

A penetration tester is performing an assessment for an organization and must gather valid user credentials. Which of the following attacks would be best for the tester to use to achieve this objective?

After successfully compromising a remote host, a security consultant notices an endpoint protection software is running on the host. Which of the following commands would be best for the consultant to use to terminate the protection software and its child processes?

A penetration tester is performing an assessment of an application that allows users to upload documents to a cloud-based file server for easy access anywhere in the world. Which of the following would most likely allow a tester to access unintentionally exposed documents?

Which of the following is the most important to include in the scope of a wireless security assessment?

As part of active reconnaissance, penetration testers need to determine whether a protection mechanism is in place to safeguard the target's website against web application attacks. Which of the following methods would be the most suitable?

During an assessment, a penetration tester found an application with the default credentials enabled. Which of the following best describes the technical control required to fix this issue?

A penetration tester was able to gain access to a plaintext file on a user workstation. Upon opening the file, the tester notices some strings of randomly generated text. The tester is able to use these strings to move laterally throughout the network by accessing the fileshare on a web application. Which of the following should the organization do to remediate the issue?

A penetration tester is hired to test a client's systems. The client's systems are hosted by the client at its headquarters. The production environment is hosted by a private cloud-hosting company. Which of the following would be the most important for the penetration tester to determine before beginning the test?

Which of the following is a ROE component that provides a penetration tester with guidance on who and how to contact the necessary individuals in the event of a disaster during an engagement?