Exam Logo

Comptia (PT0-001) Exam Questions And Answers page 16

During the exploitation phase of a penetration test, a vulnerability is discovered that allows command execution on a Linux web server. A cursory review confirms the system access is only in a low-privilege user context: www-data. After reviewing, the following output from /etc/sudoers:


Which of the following users should be targeted for privilege escalation?
Attacks and Exploits Penetration Testing Tools
During the information gathering phase of a network penetration test for the corp.local domain, which of the following commands would provide a list of domain controllers?
Information Gathering and Vulnerability Identification Attacks and Exploits
Given the following:

http://example.com/download.php?id-.../.../.../etc/passwd

Which of the following BEST describes the above attack?
Information Gathering and Vulnerability Identification Attacks and Exploits
Given the following Python code:

a = 'abcdefghijklmnop'
a[::2]

Which of the following will result?
Attacks and Exploits Penetration Testing Tools
Given the following Python script:


Which of the following is where the output will go?
Attacks and Exploits Penetration Testing Tools
Given the following Python script:


Which of the following is where the output will go?
Information Gathering and Vulnerability Identification Attacks and Exploits
Given the following script:


Which of the following BEST describes the purpose of this script?
Planning and Scoping Information Gathering and Vulnerability Identification
If a security consultant comes across a password hash that resembles the following:

b117525b345470c29ca3d8ae0b556ba8

Which of the following formats is the correct hash type?
Attacks and Exploits Penetration Testing Tools
In a physical penetration tester testing scenario. the penetration tester obtains physical access to a laptop. The laptop is logged in but locked. Which of the following is a potential NEXT step to extract credentials from the device?
Attacks and Exploits Penetration Testing Tools
In which of the following components is an exploited vulnerability MOST likely to affect multiple running application containers at once?
Attacks and Exploits