Exam Logo

Comptia (PT0-001) Exam Questions And Answers page 7

A penetration tester has successfully exploited a vulnerability on an organization s authentication server and now wants to set up a reverse shell. The penetration tester finds that Netcat is not available on the target. Which of the following approaches is a suitable option to attempt NEXT?
Attacks and Exploits Penetration Testing Tools
A penetration tester identifies the following findings during an external vulnerability scan:


Which of the following attack strategies should be prioritized from the scan results above?
Attacks and Exploits Penetration Testing Tools
A penetration tester is able to move laterally throughout a domain with minimal roadblocks after compromising a single workstation. Which of the following mitigation strategies would be BEST to recommend in the report? (Select THREE).
Planning and Scoping Attacks and Exploits
A penetration tester is asked to scope an external engagement. Which of the following would be a valid target?
Planning and Scoping Information Gathering and Vulnerability Identification
A penetration tester is assessing the security of a web form for a client and enters ;id in one of the fields. The penetration tester observes the following response:


Based on the response, which of the following vulnerabilities exists?
Information Gathering and Vulnerability Identification Attacks and Exploits
A penetration tester is attempting to capture a handshake between a client and an access point by monitoring a WPA2-PSK secured wireless network. The tester is monitoring the correct channel for the identified network, but has been unsuccessful in capturing a handshake. Given the scenario, which of the following attacks would BEST assist the tester in obtaining this handshake?
Attacks and Exploits Penetration Testing Tools
A penetration tester is attempting to open a socket in a bash script but receives errors when running it. The current state of the relevant line in the script is as follows:


Which of the following lines of code would correct the issue upon substitution?
Attacks and Exploits Penetration Testing Tools
A penetration tester is attempting to scan a legacy web application using the scanner's default scan settings. The scans continually result in the application becoming unresponsive. Which of the following can help to alleviate this issue?
Attacks and Exploits Penetration Testing Tools
A penetration tester is checking a script to determine why some basic math errors are persisting. The expected result was the program outputting True .


Given the output from the console above, which of the following explains how to correct the errors in the script? (Choose two.)
Attacks and Exploits Penetration Testing Tools
A penetration tester is connected to a client s local network and wants to passively identify cleartext protocols and potentially sensitive data being communicated across the network. Which of the following is the BEST approach to take?
Attacks and Exploits Penetration Testing Tools