ExamGecko
Search Search Login
Home Home / CompTIA / PT0-003
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A penetration tester needs to evaluate the order in which the next systems will be selected for testing. Given the following output: Hostname | IP address | CVSS 2.0 | EPSS hrdatabase | 192.168.20.55 | 9.9 | 0.50 financesite | 192.168.15.99 | 8.0 | 0.01 legaldatabase | 192.168.10.2 | 8.2 | 0.60 fileserver | 192.168.125.7 | 7.6 | 0.90 Which of the following targets should the tester select next?
During a security assessment, a penetration tester needs to exploit a vulnerability in a wireless network's authentication mechanism to gain unauthorized access to the network. Which of the following attacks would the tester most likely perform to gain access?
A penetration tester gains initial access to a target system by exploiting a recent RCE vulnerability. The patch for the vulnerability will be deployed at the end of the week. Which of the following utilities would allow the tester to reenter the system remotely after the patch has been deployed? (Select two).
During a security audit, a penetration tester wants to run a process to gather information about a target network's domain structure and associated IP addresses. Which of the following tools should the tester use?
During a penetration test, a junior tester uses Hunter.io for an assessment and plans to review the information that will be collected. Which of the following describes the information the junior tester will receive from the Hunter.io tool?
A penetration tester needs to collect information over the network for further steps in an internal assessment. Which of the following would most likely accomplish this goal?
A penetration tester presents the following findings to stakeholders: Control | Number of findings | Risk | Notes Encryption | 1 | Low | Weak algorithm noted Patching | 8 | Medium | Unsupported systems System hardening | 2 | Low | Baseline drift observed Secure SDLC | 10 | High | Libraries have vulnerabilities Password policy | 0 | Low | No exceptions noted Based on the findings, which of the following recommendations should the tester make? (Select two).
Which of the following describes the process of determining why a vulnerability scanner is not providing results?
Which of the following tasks would ensure the key outputs from a penetration test are not lost as part of the cleanup and restoration activities?
A penetration tester assesses a complex web application and wants to explore potential security weaknesses by searching for subdomains that might have existed in the past. Which of the following tools should the penetration tester use?

Question 66 - PT0-003 discussion

Report
Export

During the reconnaissance phase, a penetration tester collected the following information from the DNS records:

A-----> www

A-----> host

TXT --> vpn.comptia.org

SPF---> ip =2.2.2.2

Which of the following DNS records should be in place to avoid phishing attacks using spoofing domain techniques?

A.
MX
Answers
A.
MX
B.
SOA
Answers
B.
SOA
C.
DMARC
Answers
C.
DMARC
D.
CNAME
Answers
D.
CNAME
Suggested answer: C

Explanation:

DMARC (Domain-based Message Authentication, Reporting & Conformance) is an email authentication protocol that helps prevent email spoofing and phishing. It builds on SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) to provide a mechanism for email senders and receivers to improve and monitor the protection of the domain from fraudulent email.

Step-by-Step Explanation

Understanding DMARC:

SPF: Defines which IP addresses are allowed to send emails on behalf of a domain.

DKIM: Provides a way to check that an email claiming to come from a specific domain was indeed authorized by the owner of that domain.

DMARC: Uses SPF and DKIM to determine the authenticity of an email and specifies what action to take if the email fails the authentication checks.

Implementing DMARC:

Create a DMARC policy in your DNS records. This policy can specify to reject, quarantine, or take no action on emails that fail SPF or DKIM checks.

Example DMARC record: v=DMARC1; p=reject; rua=mailto:[email protected];

Benefits of DMARC:

Helps to prevent email spoofing and phishing attacks.

Provides visibility into email sources through reports.

Enhances domain reputation by ensuring only legitimate emails are sent from the domain.

DMARC Record Components:

v: Version of DMARC.

p: Policy for handling emails that fail the DMARC check (none, quarantine, reject).

rua: Reporting URI of aggregate reports.

ruf: Reporting URI of forensic reports.

pct: Percentage of messages subjected to filtering.

Real-World Example:

A company sets up a DMARC policy with p=reject to ensure that any emails failing SPF or DKIM checks are rejected outright, significantly reducing the risk of phishing attacks using their domain.

Reference from Pentesting Literature:

In 'Penetration Testing - A Hands-on Introduction to Hacking,' DMARC is mentioned as part of email security protocols to prevent phishing.

HTB write-ups often highlight the importance of DMARC in securing email communications and preventing spoofing attacks.

Penetration Testing - A Hands-on Introduction to Hacking

HTB Official Writeups

Show Answer
asked 02/10/2024
Rodrigo Valencia
42 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms