최신 PT0-001 무료덤프 - CompTIA PenTest+ Certification

문제1

A penetration tester runs a script that queries the domain controller for user service principal names. Which of the following techniques is MOST likely being attempted?

A. Kerberoasting

B. Cpassword

C. LSASS credential extraction

D. Cleartext credentials in LDAP

정답: A

문제2

Which of the following is the purpose of an NDA?

A. Outlines the detailed configuration of the network

B. Outlines the terms of confidentiality between both parties

C. Outlines the boundaries of which systems are authorized for testing

D. Outlines the requirements of technical testing that are allowed

정답: B

문제3

A constant wants to scan all the TCP Pots on an identified device. Which of the following Nmap switches will complete this task?

A. -p-

B. -p 1-65534

C. -port 1-65534

D. -p ALX,

정답: B

문제4

While performing privilege escalation on a Windows 7 workstation, a penetration tester identifies a service that imports a DLL by name rather than an absolute path. To exploit this vulnerability, which of the following criteria must be met?

A. Permissions not disabled in the DLL

B. Write permissions in the C:\Windows\System32\imports directory

C. Weak folder permissions of a directory in the DLL search path

D. DLL not cryptographically signed by the vendor

정답: C

문제5

Joe, an attacker, intends to transfer funds discreetly from a victim's account to his own. Which of the following URLs can he use to accomplish this attack?

A. https://testbank.com/BankingApp/ACH.aspx?CustID=435345&accountType=F&action-ACHTransfer&senderID=654846&notify=False&creditaccount='OR 1=1 AND select username from testbank.custinfo where username like 'Joe' &amount=200

B. https://testbank.com/BankingApp/ACH.aspx?CustID=435345&accountType=F&action-ACHTransfer&senderID=654846&notify=True&creditaccount='OR 1=1 AND select username from testbank.custinfo where username like 'Joe' -&amount=200

C. https://testbank.com/BankingApp/ACH.aspx?CustID=435345&accountType=F&action-ACHTransfer&senderID=654846&notify=False&creditaccount='OR 1=1 AND select username from testbank.custinfo where username like 'Joe'-&amount=200

D. https://testbank.com/BankingApp/ACH.aspx?CustID=435345&accountType=F&action-ACHTransfer&senderID=654846&notify=True&creditaccount='AND 1=1 AND select username from testbank.custinfo where username like 'Joe' -&amount=200

정답: A

문제6

A penetration tester reviews the scan results of a web application. Which of the following vulnerabilities is MOST critical and should be prioritized for exploitation?

A. Fill path disclosure

B. Stored XSS

C. Clickjacking

D. Expired certificate

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제7

During a penetration test, a tester runs a phishing campaign and receives a shell from an internal PC running Windows 10 OS. The tester wants to perform credential harvesting with Mimikatz.
Which of the following registry changes would allow for credential caching in memory?

A. reg add HKLM\System\ControlSet002\Control\SecurityProviders\WDigest /v userLogoCredential /t REG_DWORD /d 0

B. reg add HKLM\System\CurrentControlSet\Control\SecurityProviders\WDigest /v userLogoCredential /t REG_DWORD /d 1

C. reg add HKLM\Software\CurrentControlSet\Control\SecurityProviders\WDigest /v userLogoCredential /t REG_DWORD /d 1

D. reg add HKCU\System\CurrentControlSet\Control\SecurityProviders\WDigest /v userLogoCredential /t REG_DWORD /d 1

정답: A

문제8

A penetration tester has gained access to a marketing employee's device. The penetration tester wants to ensure that if the access is discovered, control of the device can be regained. Which of the following actions should the penetration tester use to maintain persistence to the device? (Select TWO.)

A. Place an entry in C:\windows\system32\drivers\etc\hosts for 12.17.20.10 badcomptia.com.

B. Place an entry in HKLM\Software\Microsoft\CurrentVersion\Run to call au57d.ps1.

C. Place an entry for RTAudio in HKLM\CurrentControlSet\Services\RTAudio.

D. Create a schedule task to call C:\windows\system32\drivers\etc\hosts.

E. Place a script in C:\users\%username\local\appdata\roaming\temp\au57d.ps1.

F. Create a fake service in Windows called RTAudio to execute manually.

정답: B,C

문제9

Given the following Python code:
a = 'abcdefghijklmnop'
a[::2]
Which of the following will result?

A. ab

B. adgjmp

C. acegikmo

D. pnlhfdb

정답: C

문제10

While engaging clients for a penetration test from highly regulated industries, which of the following is usually the MOST important to the clients from a business perspective?

A. Letter of engagement and attestation of findings

B. Risk summary and executive summary

C. NDA and MSA

D. SOW and final report

정답: D

문제11

A client needs to be PCI compliant and has external-facing web servers. Which of the following CVSS vulnerability scores would automatically bring the client out of compliance standards such as PCI 3.x?

A. 2.9

B. 5.9

C. 4.0

D. 3.0

정답: C

문제12

During an internal network penetration test, a tester recovers the NTLM password hash tor a user known to have full administrator privileges on a number of target systems Efforts to crack the hash and recover the plaintext password have been unsuccessful Which of the following would be the BEST target for continued exploitation efforts?

A. Operating system Windows 8
Open ports 514, 3389

B. Operating system Windows 8 1
Open ports 445, 3389

C. Operating system Windows Server 2016
Open ports: 53, 5900

D. Operating system Windows 7
Open ports: 23, 161

정답: B

문제13

The results of a basic compliance scan show a subset of assets on a network. This data differs from what is shown on the network architecture diagram, which was supplied at the beginning of the test. Which of the following are the MOST likely causes for this difference? (Select TWO)

A. Network access controls

B. Misconfigured DHCP server

C. Limited network access

D. Incorrect credentials

E. Storage access

정답: C,E

문제14

A MITM attack is being planned. The first step is to get information flowing through a controlled device. Which of the following should be used to accomplish this?

A. Replay attack

B. War driving

C. Evil twin

D. Bluejacking

E. Repeating

정답: C

문제15

When performing active information reconnaissance, which of the following should be tested FIRST before starting the exploitation process?

A. SQLmap

B. Input fields

C. TLS configuration

D. HTTP verbs

정답: A

문제16

Which of the following excerpts would come from a corporate policy?

A. Employees must use strong passwords for accessing corporate assets.

B. The help desk can be reached at 800-passwd1 to perform password resets.

C. Employee passwords must contain a minimum of eight characters, with one being alphanumeric.

D. The corporate systems must store passwords using the MD5 hashing algorithm.

정답: A

문제17

An organization has requested that a penetration test be performed to determine if it is possible for an attacker to gain a foothold on the organization's server segment During the assessment, the penetration tester identifies tools that appear to have been left behind by a prior attack Which of the following actions should the penetration tester take?

A. Document the presence of the left-behind tools in the report and proceed with the test

B. Remove the tools from the affected systems before continuing on with the test

C. Discontinue further testing and report the situation to management

D. Attempt to use the remnant tools to achieve persistence

정답: A

문제18

While reviewing logs, a web developer notices the following user input string in a field:

Which of the following types of attacks was done to the website?

A. Blind XSS

B. XSS injection

C. Reflected XSS

D. Persistent XSS

정답: B

문제19

A penetration tester wants to launch a graphic console window from a remotely compromised host with IP 10.0.0.20 and display the terminal on the local computer with IP 192.168.1.10. Which of the following would accomplish this task?

A. From the local computer, run the following command
ssh -L4444 : 127.0.01:6000 -% [email protected] xterm

B. From the local computer, run the following command
ssh -r6000 : 127.0.01:4444 -p 6000 [email protected] "xhost+; xterm"

C. From the local computer, run the following command
Nc -1 -p 6000
Then, from the remote computer, run the following command
Xterm | nc 192.168.1.10 6000

D. From the remote computer, run the following commands:
Export IHOST 192.168.1.10:0.0
xhost+
Terminal

정답: D

최신 PT0-001 무료덤프 - CompTIA PenTest+ Certification

우리와 연락하기

유용한 링크

최신 업데이트