CompTIA PT0-002 Practice Test - Questions Answers, Page 43

List of questions
Question 421

After compromising a remote host, a penetration tester is able to obtain a web shell. A firewall is blocking outbound traffic. Which of the following commands would allow the penetration tester to obtain an interactive shell on the remote host?
Question 422

A penetration tester runs an Nmap scan and obtains the following output:
Starting Nmap 7.80 ( https://nmap.org ) at 2023-02-12 18:53 GMT
Nmap scan report for 10.22.2.2
Host is up (0.0011s latency).
PORT STATE SERVICE VERSION
135/tcp open msrpc Microsoft Windows RPC
139/tcp open netbios-ssn Microsoft Windows netbios-ssn
445/tcp open microsoft-ds Microsoft Windows Server 2019
1433/tcp open ms-sql-s Microsoft SQL Server 2019
3389/tcp open ms-wbt-server Microsoft Terminal Services
8080/tcp open http Microsoft IIS 9.0
Which of the following commands should the penetration tester try next to explore this server?
Question 423

During an assessment, a penetration tester was able to access the organization's wireless network from outside of the building using a laptop running Aircrack-ng. Which of the following should be recommended to the client to remediate this issue?
Question 424

Which of the following tools is commonly used for network scanning and enumeration during a penetration test?
Question 425

A client evaluating a penetration testing company requests examples of its work. Which of the following represents the best course of action for the penetration testers?
Question 426

Which of the following documents best ensures an external consulting firm that is hired to perform a penetration test understands and complies with the customer's security policies and procedures?
Question 427

Which of the following describes why scoping and organizational requirements are important when planning a penetration test?
Question 428

A penetration tester runs a reconnaissance script and would like the output in a standardized machine-readable format in order to pass the data to another application. Which of the following is the best for the tester to use?
Question 429

A penetration tester is performing an assessment against a customer's web application that is hosted in a major cloud provider's environment. The penetration tester observes that the majority of the attacks attempted are being blocked by the organization's WAF. Which of the following attacks would be most likely to succeed?
Question 430

Which of the following components should a penetration tester most likely include in a report at the end of an assessment?
Question