ExamGecko
Login
Home / CompTIA / PT0-002 / List of questions
Ask Question

CompTIA PT0-002 Practice Test - Questions Answers, Page 46

Add to Whishlist

List of questions

Question 451

Report Export Collapse

During an assessment, a penetration tester was able Jo get access on all target servers by attempting authentication using a service account key that was published on the intranet site as part of a standard procedure. Which of the following should the penetration tester recommend for this type of finding?

Become a Premium Member for full access
  Unlock Premium Member

Question 452

Report Export Collapse

A penetration tester gained access to one of the target company's servers. During the enumeration phase, the penetration tester lists the bash history and observes the following row:

Which of the following steps should the penetration tester take next?

Become a Premium Member for full access
  Unlock Premium Member

Question 453

Report Export Collapse

A security engineer is working to identify all email servers on a network. Which of the following commands should the engineer use to identify the servers as well as the software version the servers are running?

Become a Premium Member for full access
  Unlock Premium Member

Question 454

Report Export Collapse

During the execution of a cloud penetration test, a tester was able to gain an initial footprint on the customer cloud infrastructure. Now the tester wants to scan the cloud resources, possible misconfigurations, and other relevant data that could be exploited. Which of the following tools should the tester most likely use?

Become a Premium Member for full access
  Unlock Premium Member

Question 455

Report Export Collapse

A penetration tester wants to crack MD5 hashes more quickly. The tester knows that the first part of the password is Winter followed by four digits and a special character at the end. Which of the following commands should the tester use?

Become a Premium Member for full access
  Unlock Premium Member

Question 456

Report Export Collapse

A penetration tester is doing an assessment for a company that requires an external command-and-control server. The command-and-control tool should be able to use multiple types of payloads (PowerShell. SMB. and binaries) and centralize the management of compromised systems. Which of the following tools should the tester use?

Become a Premium Member for full access
  Unlock Premium Member

Question 457

Report Export Collapse

A client claims that a ransomware attack has crippled its corporate network following a penetration test assessment. Which of the following is the most likely root cause of this issue?

Become a Premium Member for full access
  Unlock Premium Member

Question 458

Report Export Collapse

During an assessment of a web application, a penetration tester would like to test the application for blind SQL injection. Which of the following techniques should the penetration tester perform next?

Become a Premium Member for full access
  Unlock Premium Member

Question 459

Report Export Collapse

Which of the following legal concepts specifically outlines the scope, deliverables, and timelines of a project or engagement?

Become a Premium Member for full access
  Unlock Premium Member

Question 460

Report Export Collapse

A penetration tester discovers a file, key.enc. on a shared drive and then executes the following command, which yields the following output:

CompTIA PT0-002 image Question 460 135176 01202025230348000000

Which of the following are the best recommendations for the penetration tester to suggest? (Select two).

Become a Premium Member for full access
  Unlock Premium Member
Total 464 questions
Go to page: of 47
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A penetration tester gains access to a system and is able to migrate to a user process: Given the output above, which of the following actions is the penetration tester performing? (Choose two.)
After successfully compromising a remote host, a security consultant notices an endpoint protection software is running on the host. Which of the following commands would be best for the consultant to use to terminate the protection software and its child processes?
A penetration tester is conducting an assessment against a group of publicly available web servers and notices a number of TCP resets returning from one of the web servers. Which of the following is MOST likely causing the TCP resets to occur during the assessment?
When accessing the URL http://192.168.0-1/validate/user.php , a penetration tester obtained the following output: ..d index: eid in /apache/www/validate/user.php line 12 ..d index: uid in /apache/www/validate/user.php line 13 ..d index: pw in /apache/www/validate/user.php line 14 ..d index: acl in /apache/www/validate/user.php line 15
A Chief Information Security Officer wants a penetration tester to evaluate the security awareness level of the company's employees. Which of the following tools can help the tester achieve this goal?
An organization is using Android mobile devices but does not use MDM services. Which of the following describes an existing risk present in this scenario?
A penetration tester is conducting an unknown environment test and gathering additional information that can be used for later stages of an assessment. Which of the following would most likely produce useful information for additional testing?
Which of the following components should a penetration tester most likely include in a report at the end of an assessment?
A penetration tester was hired to test Wi-Fi equipment. Which of the following tools should be used to gather information about the wireless network?
A consulting company is completing the ROE during scoping. Which of the following should be included in the ROE?