CompTIA (PT0-001) Exam Questions and Answers, page 7
A penetration tester has successfully exploited a vulnerability on an organization's authentication server and now wants to set up a reverse shell. The penetration tester finds that Netcat is not available on the target. Which of the following approaches is a suitable option to attempt NEXT?
Attempt to escalate privileges to acquire an interactive shell.
Try to use the /dev/tcp socket.
Attempt to read out /etc/shadow.
Attacks and Exploits
Penetration Testing Tools
A penetration tester identifies the following findings during an external vulnerability scan:
Which of the following attack strategies should be prioritized from the scan results above?
Obsolete software may contain exploitable components.
Weak password management practices may be employed.
Cryptographically weak protocols may be intercepted.
Web server configurations may reveal sensitive information.
Attacks and Exploits
Penetration Testing Tools
A penetration tester is able to move laterally throughout a domain with minimal roadblocks after compromising a single workstation. Which of the following mitigation strategies would be BEST to recommend in the report? (Select THREE).
Randomize local administrator credentials for each machine.
Disable remote logons for local administrators.
Require multifactor authentication for all logins.
Increase minimum password complexity requirements.
Apply additional network access control.
Enable full-disk encryption on every workstation.
Segment each host into its own VLAN.
Planning and Scoping
Attacks and Exploits
A penetration tester is asked to scope an external engagement. Which of the following would be a valid target?
104.45.98.126
169.254.67.23
172.16.67.145
192.168.47.231
Planning and Scoping
Information Gathering and Vulnerability Identification
A penetration tester is assessing the security of a web form for a client and enters ;id in one of the fields. The penetration tester observes the following response:
Based on the response, which of the following vulnerabilities exists?
SQL injection
Session hijacking
Command injection
XSS/XSRF
Information Gathering and Vulnerability Identification
Attacks and Exploits
A penetration tester is attempting to capture a handshake between a client and an access point by monitoring a WPA2-PSK secured wireless network. The tester is monitoring the correct channel for the identified network, but has been unsuccessful in capturing a handshake. Given the scenario, which of the following attacks would BEST assist the tester in obtaining this handshake?
SSID broadcast flood
Karma attack
Deauthentication attack
Fragmentation attack
Attacks and Exploits
Penetration Testing Tools
A penetration tester is attempting to open a socket in a bash script but receives errors when running it. The current state of the relevant line in the script is as follows:
Which of the following lines of code would correct the issue upon substitution?
open 0<>/dev/tcp/${HOST}:${PORT}
exec 0
exec 0
exec 3<>/dev/tcp/${HOST}/${PORT}
open 3
open 3
Attacks and Exploits
Penetration Testing Tools
A penetration tester is attempting to scan a legacy web application using the scanner's default scan settings. The scans continually result in the application becoming unresponsive. Which of the following can help to alleviate this issue?
Packet shaping
Flow control
Bandwidth limits
Query throttling
Attacks and Exploits
Penetration Testing Tools
A penetration tester is checking a script to determine why some basic math errors are persisting. The expected result was the program outputting True.
Given the output from the console above, which of the following explains how to correct the errors in the script? (Choose two.)
Change fi to Endlf.
Remove the let in front of dest=5+5.
Change the = to -eq.
Change source and dest to $source and $dest.
Change else to elif.
Attacks and Exploits
Penetration Testing Tools
A penetration tester is connected to a client's local network and wants to passively identify cleartext protocols and potentially sensitive data being communicated across the network. Which of the following is the BEST approach to take?
Run a network vulnerability scan.
Run a stress test.
Run an MITM attack.
Run a port scan.
Attacks and Exploits
Penetration Testing Tools