CompTIA (PT0-001) Exam Questions And Answers page 10
A penetration tester observes that the content security policy header is missing during a web application penetration test. Which of the following techniques would the penetration tester MOST likely perform?
Clickjacking attack
Directory traversal attack
Remote file inclusion attack
Information Gathering and Vulnerability Identification
Attacks and Exploits
A penetration tester ran an Nmap scan against a target and received the following output:
Which of the following commands would be best for the penetration tester to execute NEXT to discover any weaknesses or vulnerabilities?
onesixtyone -d 192.168.121.1
enum4linux -w 192.168.121.1
snmpwalk -c public 192.168.121.1
medusa -h 192.168.121.1 -U users.txt -P passwords.txt -M ssh
Attacks and Exploits
Penetration Testing Tools
A penetration tester ran the following Nmap scan on a computer:
nmap -sV 192.168.1.5
The organization said it had disabled Telnet from its environment. However, the results of the Nmap scan show port 22 as closed and port 23 as open to SSH. Which of the following is the BEST explanation for what happened?
The organization failed to disable Telnet.
Nmap results contain a false positive for port 23.
Port 22 was filtered.
The service is running on a non-standard port.
Attacks and Exploits
Penetration Testing Tools
A penetration tester reported the following vulnerabilities:
Which of the following is the correct order to rate the vulnerabilities from critical to low considering the MOST immediate impact?
Unrestricted file upload, stored XSS, SQL injection, verbose server headers
SQL injection, unrestricted file upload, stored XSS, verbose server headers
Verbose server headers, unrestricted file upload, stored XSS, SQL injection
Stored XSS, SQL injection, unrestricted file upload, verbose server headers
Attacks and Exploits
Penetration Testing Tools
A penetration tester reviews the scan results of a web application. Which of the following vulnerabilities is MOST critical and should be prioritized for exploitation?
Stored XSS
Full path disclosure
Expired certificate
Clickjacking
Attacks and Exploits
A penetration tester runs a script that queries the domain controller for user service principal names. Which of the following techniques is MOST likely being attempted?
Kerberoasting
LSASS credential extraction
Cpassword
Cleartext credentials in LDAP
Information Gathering and Vulnerability Identification
Attacks and Exploits
A penetration tester runs the following from a compromised
python -c 'import pty;pty.spawn("/bin/bash")'
Which of the following actions is the tester taking?
Removing the Bash history
Upgrading the shell
Creating a sandbox
Capturing credentials
Attacks and Exploits
Penetration Testing Tools
A penetration tester runs the following on a machine:
Which of the following will be returned?
1
3
5
6
Attacks and Exploits
Penetration Testing Tools
A penetration tester successfully exploits a DMZ server that appears to be listening on an outbound port. The penetration tester wishes to forward that traffic back to a device. Which of the following are the BEST tools to use for this purpose? (Choose two.)
Tcpdump
Nmap
Wireshark
SSH
Netcat
Cain and Abel
Attacks and Exploits
Penetration Testing Tools
A penetration tester successfully exploits a system, receiving a reverse shell. Which of the following is a Meterpreter command that is used to harvest locally stored credentials?
background
hashdump
session
getuid
psexec
Attacks and Exploits
Penetration Testing Tools