CompTIA PT0-001 Braindumps 2021

NEW QUESTION 1
A software development team recently migrated to new application software on the on-premises environment Penetration test findings show that multiple vulnerabilities exist If a penetration tester does not have access to a live or test environment, a test might be better to create the same environment on the VM Which of the following is MOST important for confirmation?

• A. Unsecure service and protocol configuration
• B. Running SMB and SMTP service
• C. Weak password complexity and user account
• D. Misconfiguration

Answer: A

NEW QUESTION 2
Click the exhibit button.

Given the Nikto vulnerability scan output shown in the exhibit, which of the following explogtation techniques might be used to explogt the target system? (Select TWO)

• A. Arbitrary code execution
• B. Session hijacking
• C. SQL injection
• D. Login credential brute-forcing
• E. Cross-site request forgery

Answer: CE

NEW QUESTION 3
HOTSPOT
You are a security analyst tasked with hardening a web server.
You have been given a list of HTTP payloads that were flagged as malicious.

Answer:

NEW QUESTION 4
A company contracted a firm specializing in penetration testing to assess the security of a core business application. The company provided the firm with a copy of the Java bytecode. Which of the following steps must the firm take before it can run a static code analyzer?

• A. Run the application through a dynamic code analyzer.
• B. Employ a fuzzing utility.
• C. Decompile the application.
• D. Check memory allocation

Answer: D

NEW QUESTION 5
While prioritizing findings and recommendations for an executive summary, which of the following considerations would De MOST valuable to the client?

• A. Levels of difficulty to explogt identified vulnerabilities
• B. Time taken to accomplish each step
• C. Risk tolerance of the organization
• D. Availability of patches and remediations

Answer: C

NEW QUESTION 6
Which of the following is the reason why a penetration tester would run the chkconfig --del servicename command at the end of an engagement?

• A. To remove the persistence
• B. To enable penitence
• C. To report persistence
• D. To check for persistence

Answer: A

NEW QUESTION 7
A penetration tester is required to perform OSINT on staff at a target company after completing the infrastructure aspect. Which of the following would be the BEST step for the penetration tester to take?

• A. Obtain staff information by calling the company and using social engineering techniques.
• B. Visit the client and use impersonation to obtain information from staff.
• C. Send spoofed emails to staff to see if staff will respond with sensitive information.
• D. Search the Internet for information on staff such as social networking site

Answer: C

NEW QUESTION 8
The results of a basic compliance scan show a subset of assets on a network. This data differs from what is shown on the network architecture diagram, which was supplied at the beginning of the test. Which of the following are the MOST likely causes for this difference? (Select TWO)

• A. Storage access
• B. Limited network access
• C. Misconfigured DHCP server
• D. Incorrect credentials
• E. Network access controls

Answer: A

NEW QUESTION 9
A penetration tester wants to target NETBIOS name service. Which of the following is the most likely command to explogt the NETBIOS name service?

• A. arPspoof
• B. nmap
• C. responder
• D. burpsuite

Answer: C

NEW QUESTION 10
In which of the following components is an explogted vulnerability MOST likely to affect multiple running application containers at once?

• A. Common libraries
• B. Configuration files
• C. Sandbox escape
• D. ASLR bypass

Answer: D

NEW QUESTION 11
A security consultant found a SCADA device in one of the VLANs in scope. Which of the following actions would BEST create a potentially destructive outcome against device?

• A. Launch an SNMP password brute force attack against the device.
• B. Lunch a Nessus vulnerability scan against the device.
• C. Launch a DNS cache poisoning attack against the device.
• D. Launch an SMB explogt against the devic

Answer: A

NEW QUESTION 12
A penetration tester is designing a phishing campaign and wants to build list of users (or the target organization. Which of the following techniques would be the MOST appropriate? (Select TWO)

• A. Query an Internet WHOIS database.
• B. Search posted job listings.
• C. Scrape the company website.
• D. Harvest users from social networking sites.
• E. Socially engineer the corporate call cente

Answer: AB

NEW QUESTION 13
A tester has captured a NetNTLMv2 hash using Responder Which of the following commands will allow the tester to crack the hash using a mask attack?

• A. hashcat -m 5600 -r rulea/beat64.rule hash.txt wordliat.txt
• B. hashcax -m 5€00 hash.txt
• C. hashc&t -m 5600 -a 3 haah.txt ?a?a?a?a?a?a?a?a
• D. hashcat -m 5600 -o reaulta.txt hash.txt wordliat.txt

Answer: A

NEW QUESTION 14
A client is asking a penetration tester to evaluate a new web application for availability. Which of the following types of attacks should the tester use?

• A. TCP SYN flood
• B. SQL injection
• C. xss
• D. XMAS scan

Answer: A

NEW QUESTION 15
Given the following Python script:

Which of the following actions will it perform?

• A. ARP spoofing
• B. Port scanner
• C. Reverse shell
• D. Banner grabbing

Answer: A

NEW QUESTION 16
A penetration tester successfully explogts a DM2 server that appears to be listening on an outbound port The penetration tester wishes to forward that traffic back to a device Which of the following are the BEST tools to use few this purpose? (Select TWO)

• A. Tcpdump
• B. Nmap
• C. Wiresrtark
• D. SSH
• E. Netcat
• F. Cain and Abel

Answer: CD