최신 PT0-001 무료덤프 - CompTIA PenTest+ Certification
A penetration tester has been asked to conduct OS fingering with Nmap using a company-provided text file that contains a list of IP addresses. Which of the following are needed to conduct this scan? (Choose two.).
정답: A,D
설명: (DumpTOP 회원만 볼 수 있음)
A penetration tester executes the following commands:
C:\>%userprofile%\jtr.exe
This program has been blocked by group policy
C:\> accesschk.exe -w -s -q -u Users C:\Windows
rw C:\Windows\Tracing
C:\>copy %userprofile%\jtr.exe C:\Windows\Tracing
C:\Windows\Tracing\jtr.exe
jtr version 3.2...
jtr>
Which of the following is a local host vulnerability that the attacker is exploiting?
C:\>%userprofile%\jtr.exe
This program has been blocked by group policy
C:\> accesschk.exe -w -s -q -u Users C:\Windows
rw C:\Windows\Tracing
C:\>copy %userprofile%\jtr.exe C:\Windows\Tracing
C:\Windows\Tracing\jtr.exe
jtr version 3.2...
jtr>
Which of the following is a local host vulnerability that the attacker is exploiting?
정답: A
설명: (DumpTOP 회원만 볼 수 있음)
After a recent penetration test, a company has a finding regarding the use of dictionary and seasonal passwords by its employees. Which of the following is the BEST control to remediate the use of common dictionary terms?
정답: C
A penetration tester is reviewing the following output from a wireless sniffer:
Which of the following can be extrapolated from the above information?
Which of the following can be extrapolated from the above information?
정답: A
A penetration tester is exploiting the use of default public and private community strings Which of the following protocols is being exploited?
정답: C
A penetration tester needs to use Nmap to scan a host with a very low speed so the WAF or IPS/IDS is not triggered. Which of the following command-line parameters should be added to the Nmap command?
정답: C
Which of the following should a penetration tester verify prior to testing the login and permissions management for a web application that is protected by a CDN-based WAF?
정답: A
A penetration tester attempts to perform a UDP port scan against a remote target using an Nmap tool installed onto a non-Kali Linux image. For some reason, the UDP scan falls to start. Which of the following would MOST likely help to resolve the issue?
정답: A
A penetration tester is required to exploit a WPS implementation weakness. Which of the following tools will perform the attack?
정답: D
Which of the following types of intrusion techniques is the use of an "under-the-door tool" during a physical security assessment an example of?
정답: B
When communicating the findings of a network vulnerability scan to a client's IT department which of the following metrics BEST prioritize the severity of the findings? (Select TWO)
정답: A,C
A penetration tester locates a few unquoted service paths during an engagement. Which of the following can the tester attempt to do with these?
정답: A
A company planned for and secured the budget to hire a consultant to perform a web application penetration test. Upon discovering vulnerabilities, the company asked the consultant to perform the following tasks:
Code review
Updates to firewall settings
Which of the following has occurred in this situation?
Code review
Updates to firewall settings
Which of the following has occurred in this situation?
정답: D
A penetration tester found a network with NAC enabled Which of the following commands can be used to bypass the NAC?
정답: C
설명: (DumpTOP 회원만 볼 수 있음)
An individual has been hired by an organization after passing a background check. The individual has been passing information to a competitor over a period of time. Which of the following classifications BEST describes the individual?
정답: A