CompTIA (PT0-001) Exam Questions And Answers page 15
Consumer-based IoT devices are often less secure than systems built for traditional desktop computers. Which of the following BEST describes the reasoning for this?
It is difficult for administrators to implement the same security standards across the board.
IoT systems often lack the hardware power required by more secure solutions.
Regulatory authorities often have lower security requirements for IoT systems.
Information Gathering and Vulnerability Identification
During a full-scope security assessment, which of the following is a prerequisite to social engineer a target by physically engaging them?
Locating emergency exits
Preparing a pretext
Shoulder surfing the victim
Tailgating the victim
Planning and Scoping
Information Gathering and Vulnerability Identification
During an internal network penetration test, a tester recovers the NTLM password hash for a user known to have full administrator privileges on a number of target systems. Efforts to crack the hash and recover the plaintext password have been unsuccessful.
Which of the following would be the BEST target for continued exploitation efforts?
Operating system: Windows 7
Open ports: 23, 161
Operating system: Windows Server 2016
Open ports: 53, 5900
Operating system: Windows 8.1
Open ports: 445, 3389
Operating system: Windows 8
Open ports: 514, 3389
Information Gathering and Vulnerability Identification
Attacks and Exploits
During an internal penetration test, several multicast and broadcast name resolution requests are observed traversing the network. Which of the following tools could be used to impersonate network resources and collect authentication requests?
Ettercap
Tcpdump
Responder
Medusa
Attacks and Exploits
Penetration Testing Tools
During a penetration test, a host is discovered that appears to have been previously compromised and has an active outbound connection. After verifying the network activity is malicious, which of the following should the tester do?
Inform the client to shut it down and investigate.
Take action and shut it down immediately.
Inform the client and allow them to respond.
Note the finding and continue the assessment.
Attacks and Exploits
Penetration Testing Tools
During a penetration test, a tester identifies traditional antivirus running on the exploited server. Which of the following techniques would BEST ensure persistence in a post-exploitation phase?
Shell binary placed in C:\windows\temp
Modified daemons
New user creation
Backdoored executables
Attacks and Exploits
Penetration Testing Tools
During a penetration test, a tester runs a phishing campaign and receives a shell from an internal PC running Windows 10 OS. The tester wants to perform credential harvesting with Mimikatz.
Which of the following registry changes would allow for credential caching in memory?
reg add HKLM\System\ControlSet002\Control\SecurityProviders\WDigest /v userLogoCredential /t REG_DWORD /d 0
reg add HKCU\System\CurrentControlSet\Control\SecurityProviders\WDigest /v userLogoCredential /t REG_DWORD /d 1
reg add HKLM\Software\CurrentControlSet\Control\SecurityProviders\WDigest /v userLogoCredential /t REG_DWORD /d 1
reg add HKLM\System\CurrentControlSet\Control\SecurityProviders\WDigest /v userLogoCredential /t REG_DWORD /d 1
Attacks and Exploits
Penetration Testing Tools
During a physical security review, a detailed penetration testing report was obtained, which was issued to a security analyst and then discarded in the trash. The report contains validated critical risk exposures. Which of the following processes would BEST protect this information from being disclosed in the future?
Restrict access to physical copies to authorized personnel only.
Ensure corporate policies include guidance on the proper handling of sensitive information.
Require only electronic copies of all documents to be maintained.
Install surveillance cameras near all garbage disposal areas.
Penetration Testing Tools
Reporting and Communication
During a vulnerability assessment, the security consultant finds an XP legacy system that is running a critical business function. Which of the following mitigations is BEST for the consultant to conduct?
Update to the latest Microsoft Windows OS.
Put the machine behind the WAF.
Segment the machine from the main network.
Disconnect the machine.
Planning and Scoping
Information Gathering and Vulnerability Identification
During testing, a critical vulnerability is discovered on a client's core server. Which of the following should be the NEXT action?
Disable the network port of the affected service.
Complete all findings, and then submit them to the client.
Promptly alert the client with details of the finding.
Take the target offline so it cannot be exploited by an attacker.
Information Gathering and Vulnerability Identification
Attacks and Exploits