최신 PT0-002 무료덤프 - CompTIA PenTest+ Certification
Which of the following best explains why communication is a vital phase of a penetration test?
정답: B
설명: (DumpTOP 회원만 볼 수 있음)
A vulnerability assessor is looking to establish a baseline of all IPv4 network traffic on the local VLAN without a local IP address. Which of the following Nmap command sequences would best provide this information?
정답: D
설명: (DumpTOP 회원만 볼 수 있음)
A penetration tester who is conducting a web-application test discovers a clickjacking vulnerability associated with a login page to financial data. Which of the following should the tester do with this information to make this a successful exploit?
정답: C
설명: (DumpTOP 회원만 볼 수 있음)
A penetration tester has been provided with only the public domain name and must enumerate additional information for the public-facing assets.
INSTRUCTIONS
Select the appropriate answer(s), given the output from each section.
Output 1
INSTRUCTIONS
Select the appropriate answer(s), given the output from each section.
Output 1
정답:
See all the solutions below in Explanation.
Explanation:
Explanation:
Which of the following tools would be the best to use to intercept an HTTP response of an API, change its content, and forward it back to the origin mobile device?
정답: D
설명: (DumpTOP 회원만 볼 수 있음)
A client evaluating a penetration testing company requests examples of its work. Which of the following represents the BEST course of action for the penetration testers?
정답: D
설명: (DumpTOP 회원만 볼 수 있음)
A penetration tester is conducting a penetration test and discovers a vulnerability on a web server that is owned by the client. Exploiting the vulnerability allows the tester to open a reverse shell. Enumerating the server for privilege escalation, the tester discovers the following:
Which of the following should the penetration tester do NEXT?
Which of the following should the penetration tester do NEXT?
정답: B
설명: (DumpTOP 회원만 볼 수 있음)
Given the following code:
Which of the following data structures is systems?
Which of the following data structures is systems?
정답: C
설명: (DumpTOP 회원만 볼 수 있음)
During the scoping phase of an assessment, a client requested that any remote code exploits discovered during testing would be reported immediately so the vulnerability could be fixed as soon as possible. The penetration tester did not agree with this request, and after testing began, the tester discovered a vulnerability and gained internal access to the system. Additionally, this scenario led to a loss of confidential credit card data and a hole in the system. At the end of the test, the penetration tester willfully failed to report this information and left the vulnerability in place. A few months later, the client was breached and credit card data was stolen. After being notified about the breach, which of the following steps should the company take NEXT?
정답: B
설명: (DumpTOP 회원만 볼 수 있음)
A security analyst is conducting an unknown environment test from 192.168 3.3. The analyst wants to limit observation of the penetration tester's activities and lower the probability of detection by intrusion protection and detection systems. Which of the following Nmap commands should the analyst use to achieve This objective?
정답: B
설명: (DumpTOP 회원만 볼 수 있음)
A penetration tester captured the following traffic during a web-application test:
Which of the following methods should the tester use to visualize the authorization information being transmitted?
Which of the following methods should the tester use to visualize the authorization information being transmitted?
정답: D
In an unprotected network file repository, a penetration tester discovers a text file containing usernames and passwords in cleartext and a spreadsheet containing data for 50 employees, including full names, roles, and serial numbers. The tester realizes some of the passwords in the text file follow the format: <name- serial_number>. Which of the following would be the best action for the tester to take NEXT with this information?
정답: C