ExamGecko
Login
Home / CompTIA / PT0-002 / List of questions
Ask Question

CompTIA PT0-002 Practice Test - Questions Answers, Page 9

Add to Whishlist

List of questions

Question 81

Report Export Collapse

A company that requires minimal disruption to its daily activities needs a penetration tester to perform information gathering around the company's web presence. Which of the following would the tester find MOST helpful in the initial information-gathering steps? (Choose two.)

IP addresses and subdomains
IP addresses and subdomains
Zone transfers
Zone transfers
DNS forward and reverse lookups
DNS forward and reverse lookups
Internet search engines
Internet search engines
Externally facing open ports
Externally facing open ports
Shodan results
Shodan results
Suggested answer: A, D
Explanation:

A) IP addresses and subdomains. This is correct. IP addresses and subdomains are useful information for a penetration tester to identify the scope and range of the company's web presence. IP addresses can reveal the location, network, and service provider of the company's web servers, while subdomains can indicate the different functions and features of the company's website. A penetration tester can use tools like whois, Netcraft, or DNS lookups to find IP addresses and subdomains associated with the company's domain name.

D) Internet search engines. This is correct. Internet search engines are powerful tools for a penetration tester to perform passive information gathering around the company's web presence.

Search engines can provide a wealth of information, such as the company's profile, history, news, social media accounts, reviews, products, services, customers, partners, competitors, and more. A penetration tester can use advanced search operators and keywords to narrow down the results and find relevant information. For example, using the site: operator can limit the results to a specific domain or subdomain, while using the intitle: operator can filter the results by the title of the web pages.

asked 02/10/2024
FOTIS FOURLIAS
48 questions

Question 82

Report Export Collapse

Which of the following are the MOST important items to include in the final report for a penetration test? (Choose two.)

The CVSS score of the finding
The CVSS score of the finding
The network location of the vulnerable device
The network location of the vulnerable device
The vulnerability identifier
The vulnerability identifier
The client acceptance form
The client acceptance form
The name of the person who found the flaw
The name of the person who found the flaw
The tool used to find the issue
The tool used to find the issue
Suggested answer: C, F
asked 02/10/2024
Istvan Molnar
37 questions

Question 83

Report Export Collapse

A penetration tester performs the following command:

curl -I -http2 https://www.comptia.org

Which of the following snippets of output will the tester MOST likely receive?

CompTIA PT0-002 image Question 83 97212 10022024175320000000

Option A
Option A
Option B
Option B
Option C
Option C
Option D
Option D
Suggested answer: A
Explanation:

Reference: https://research.securitum.com/http-2-protocol-it-is-faster-but-is-it-also-safer/

asked 02/10/2024
Wellington Rodrigues da Costa
43 questions

Question 84

Report Export Collapse

A penetration tester runs the unshadow command on a machine. Which of the following tools will the tester most likely use NEXT?

John the Ripper
John the Ripper
Hydra
Hydra
Mimikatz
Mimikatz
Cain and Abel
Cain and Abel
Suggested answer: A
Explanation:

Reference: https://www.cyberciti.biz/faq/unix-linux-password-cracking-john-the-ripper/

asked 02/10/2024
Miguel Sartori
41 questions

Question 85

Report Export Collapse

A penetration tester has been hired to configure and conduct authenticated scans of all the servers on a software company's network. Which of the following accounts should the tester use to return the MOST results?

Root user
Root user
Local administrator
Local administrator
Service
Service
Network administrator
Network administrator
Suggested answer: C
asked 02/10/2024
Jason Siemens
42 questions

Question 86

Report Export Collapse

User credentials were captured from a database during an assessment and cracked using rainbow tables. Based on the ease of compromise, which of the following algorithms was MOST likely used to store the passwords in the database?

MD5
MD5
bcrypt
bcrypt
SHA-1
SHA-1
PBKDF2
PBKDF2
Suggested answer: A
Explanation:

Reference: https://www.geeksforgeeks.org/understanding-rainbow-table-attack/

asked 02/10/2024
Timo Fahlenbck
39 questions

Question 87

Report Export Collapse

A penetration tester recently performed a social-engineering attack in which the tester found an employee of the target company at a local coffee shop and over time built a relationship with the employee. On the employee's birthday, the tester gave the employee an external hard drive as a gift.

Which of the following social-engineering attacks was the tester utilizing?

Phishing
Phishing
Tailgating
Tailgating
Baiting
Baiting
Shoulder surfing
Shoulder surfing
Suggested answer: C
Explanation:

Reference: https://phoenixnap.com/blog/what-is-social-engineering-types-of-threats

asked 02/10/2024
Rey Geric Villafranca
48 questions

Question 88

Report Export Collapse

A penetration tester runs a scan against a server and obtains the following output:

21/tcp open ftp Microsoft ftpd

| ftp-anon: Anonymous FTP login allowed (FTP code 230)

| 03-12-20 09:23AM 331 index.aspx

| ftp-syst:

135/tcp open msrpc Microsoft Windows RPC

139/tcp open netbios-ssn Microsoft Windows netbios-ssn

445/tcp open microsoft-ds Microsoft Windows Server 2012 Std

3389/tcp open ssl/ms-wbt-server

| rdp-ntlm-info:

| Target Name: WEB3

| NetBIOS_Computer_Name: WEB3

| Product_Version: 6.3.9600

|_ System_Time: 2021-01-15T11:32:06+00:00

8443/tcp open http Microsoft IIS httpd 8.5

| http-methods:

|_ Potentially risky methods: TRACE

|_http-server-header: Microsoft-IIS/8.5

|_http-title: IIS Windows Server

Which of the following command sequences should the penetration tester try NEXT?

ftp 192.168.53.23
ftp 192.168.53.23
smbclient \\\\WEB3\\IPC$ -I 192.168.53.23 -U guest
smbclient \\\\WEB3\\IPC$ -I 192.168.53.23 -U guest
ncrack -u Administrator -P 15worst_passwords.txt -p rdp 192.168.53.23
ncrack -u Administrator -P 15worst_passwords.txt -p rdp 192.168.53.23
curl -X TRACE https://192.168.53.23:8443/index.aspx
curl -X TRACE https://192.168.53.23:8443/index.aspx
nmap --script vuln -sV 192.168.53.23
nmap --script vuln -sV 192.168.53.23
Suggested answer: A
asked 02/10/2024
Muath Ahmed Saleh AlShuwaer
44 questions

Question 89

Report Export Collapse

In the process of active service enumeration, a penetration tester identifies an SMTP daemon running on one of the target company's servers. Which of the following actions would BEST enable the tester to perform phishing in a later stage of the assessment?

Test for RFC-defined protocol conformance.
Test for RFC-defined protocol conformance.
Attempt to brute force authentication to the service.
Attempt to brute force authentication to the service.
Perform a reverse DNS query and match to the service banner.
Perform a reverse DNS query and match to the service banner.
Check for an open relay configuration.
Check for an open relay configuration.
Suggested answer: D
Explanation:

SMTP is a protocol associated with mail servers. Therefore, for a penetration tester, an open relay configuration can be exploited to launch phishing attacks.

asked 02/10/2024
Katherin Aragon Calderon
37 questions

Question 90

Report Export Collapse

A red team gained access to the internal network of a client during an engagement and used the Responder tool to capture important data. Which of the following was captured by the testing team?

Multiple handshakes
Multiple handshakes
IP addresses
IP addresses
Encrypted file transfers
Encrypted file transfers
User hashes sent over SMB
User hashes sent over SMB
Suggested answer: B
asked 02/10/2024
ASDASDASDA SDASD
41 questions
Total 464 questions
Go to page: of 47
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A penetration tester gains access to a system and is able to migrate to a user process: Given the output above, which of the following actions is the penetration tester performing? (Choose two.)
After successfully compromising a remote host, a security consultant notices an endpoint protection software is running on the host. Which of the following commands would be best for the consultant to use to terminate the protection software and its child processes?
A penetration tester is conducting an assessment against a group of publicly available web servers and notices a number of TCP resets returning from one of the web servers. Which of the following is MOST likely causing the TCP resets to occur during the assessment?
When accessing the URL http://192.168.0-1/validate/user.php , a penetration tester obtained the following output: ..d index: eid in /apache/www/validate/user.php line 12 ..d index: uid in /apache/www/validate/user.php line 13 ..d index: pw in /apache/www/validate/user.php line 14 ..d index: acl in /apache/www/validate/user.php line 15
A Chief Information Security Officer wants a penetration tester to evaluate the security awareness level of the company's employees. Which of the following tools can help the tester achieve this goal?
An organization is using Android mobile devices but does not use MDM services. Which of the following describes an existing risk present in this scenario?
A penetration tester is conducting an unknown environment test and gathering additional information that can be used for later stages of an assessment. Which of the following would most likely produce useful information for additional testing?
Which of the following components should a penetration tester most likely include in a report at the end of an assessment?
A penetration tester was hired to test Wi-Fi equipment. Which of the following tools should be used to gather information about the wireless network?
A consulting company is completing the ROE during scoping. Which of the following should be included in the ROE?