Exam Logo

Comptia (PT0-001) Exam Questions And Answers page 4

An energy company contracted a security firm to perform a penetration test of a power plant, which employs ICS to manage power generation and cooling. Which of the following is a consideration unique to such an environment that must be made by the firm when preparing for the assessment?
Attacks and Exploits Penetration Testing Tools
An engineer, who is conducting a penetration test for a web application, discovers the user login process sends from field data using the HTTP GET method. To mitigate the risk of exposing sensitive information, the form should be sent using an:
Attacks and Exploits Penetration Testing Tools
An individual has been hired by an organization after passing a background check. The individual has been passing information to a competitor over a period of time. Which of the following classifications BEST describes the individual?
Planning and Scoping Information Gathering and Vulnerability Identification
An organization has requested that a penetration test be performed to determine if it is possible for an attacker to gain a foothold on the organization s server segment. During the assessment, the penetration tester identifies tools that appear to have been left behind by a prior attack. Which of the following actions should the penetration tester take?
Attacks and Exploits Penetration Testing Tools
A penetration tester attempts to perform a UDP port scan against a remote target using an Nmap tool installed onto a non-Kali Linux image. For some reason, the UDP scan falls to start. Which of the following would MOST likely help to resolve the issue?
Attacks and Exploits Penetration Testing Tools
A penetration tester compromises a system that has unrestricted network access over port 443 to any host. The penetration tester wants to create a reverse shell from the victim back to the attacker. Which of the following methods would the penetration tester MOST likely use?
Attacks and Exploits Penetration Testing Tools
A penetration tester delivers a web application vulnerability scan report to a client. The penetration tester rates a vulnerability as medium severity. The same vulnerability was reported as a critical severity finding on the previous report. Which of the following is the MOST likely reason for the reduced severity?
Attacks and Exploits Penetration Testing Tools
A penetration tester directly connects to an internal network. Which of the following exploits would work BEST for quick lateral movement within an internal network?
Attacks and Exploits Penetration Testing Tools
A penetration tester discovers an anonymous FTP server that is sharing the C:\drive. Which of the following is the BEST exploit?
Attacks and Exploits Penetration Testing Tools
A penetration tester executes the following commands:


Which of the following is a local host vulnerability that the attacker is exploiting?
Attacks and Exploits Penetration Testing Tools