Exam Logo

Comptia (PT0-001) Exam Questions And Answers page 8

A penetration tester is in the process of writing a report that outlines the overall level of risk to operations. In which of the following areas of the report should the penetration tester put this?
Penetration Testing Tools Reporting and Communication
A penetration tester is outside of an organization's network and is attempting to redirect users to a fake password reset website hosted on the penetration tester's box. Which of the following techniques is suitable to attempt this?
Attacks and Exploits Penetration Testing Tools
A penetration tester is performing a black-box test of a client web application, and the scan host is unable to access it. The client has sent screenshots showing the system is functioning correctly. Which of the following is MOST likely the issue?
Attacks and Exploits Penetration Testing Tools
A penetration tester is performing a code review. Which of the following testing techniques is being performed?
Planning and Scoping Penetration Testing Tools
A penetration tester is performing a remote internal penetration test by connecting to the testing system from the Internet via a reverse SSH tunnel. The testing system has been placed on a general user subnet with an IP address of 192.168.1.13 and a gateway of 192.168.1.1. Immediately after running the command below, the penetration tester s SSH connection to the testing platform drops:


Which of the following ettercap commands should the penetration tester use in the future to perform ARP spoofing while maintaining a reliable connection?
Attacks and Exploits Penetration Testing Tools
A penetration tester is performing ARP spoofing against a switch. Which of the following should the penetration tester spoof to get the MOST information?
Attacks and Exploits Penetration Testing Tools
A penetration tester is performing a wireless penetration test. Which of the following are some vulnerabilities that might allow the penetration tester to easily and quickly access a WPA2-protected access point?
Attacks and Exploits Penetration Testing Tools
A penetration tester is performing initial intelligence gathering on some remote hosts prior to conducting a vulnerability scan.

The tester runs the following command:

nmap -D 192.168.1.1, 192.168.1.2, 192.168.1.3 -sV -o --max-rate 2 192.168.1.130

Which of the following BEST describes why multiple IP addresses are specified?
Information Gathering and Vulnerability Identification Penetration Testing Tools
A penetration tester is planning to conduct a distributed dictionary attack on a government domain against the login portal. The tester will leverage multiple proxies to mask the origin IPs of the attack. Which of the following threat actors will be emulated?
Attacks and Exploits Penetration Testing Tools
A penetration tester is preparing to conduct API testing. Which of the following would be MOST helpful in preparing for this engagement?
Information Gathering and Vulnerability Identification Penetration Testing Tools