Summer Special 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bestdeal

Free CompTIA PT0-002 Practice Exam with Questions & Answers | Set: 4

Questions 31

An Nmap scan shows open ports on web servers and databases. A penetration tester decides to run WPScan and SQLmap to identify vulnerabilities and additional information about those systems.

Which of the following is the penetration tester trying to accomplish?

Options:
A.

Uncover potential criminal activity based on the evidence gathered.

B.

Identify all the vulnerabilities in the environment.

C.

Limit invasiveness based on scope.

D.

Maintain confidentiality of the findings.

CompTIA PT0-002 Premium Access
Questions 32

An assessor wants to use Nmap to help map out a stateful firewall rule set. Which of the following scans will the assessor MOST likely run?

Options:
A.

nmap -sA 192.168.0.1/24

B.

nmap -sS 192.168.0.1/24

C.

nmap -oG 192.168.0.1/24

D.

nmap 192.168.0.1/24

Questions 33

A penetration tester was able to gain access successfully to a Windows workstation on a mobile client’s laptop. Which of the following can be used to ensure the tester is able to maintain access to the system?

Options:
A.

schtasks /create /sc /ONSTART /tr C:\Temp\WindowsUpdate.exe

B.

wmic startup get caption,command

C.

crontab –l; echo “@reboot sleep 200 && ncat –lvp 4242 –e /bin/bash”) | crontab 2>/dev/null

D.

sudo useradd –ou 0 –g 0 user

Questions 34

An Nmap network scan has found five open ports with identified services. Which of the following tools should a penetration tester use NEXT to determine if any vulnerabilities with associated exploits exist on the open ports?

Options:
A.

OpenVAS

B.

Drozer

C.

Burp Suite

D.

OWASP ZAP

Questions 35

A penetration tester wants to scan a target network without being detected by the client’s IDS. Which of the following scans is MOST likely to avoid detection?

Options:
A.

nmap –p0 –T0 –sS 192.168.1.10

B.

nmap –sA –sV --host-timeout 60 192.168.1.10

C.

nmap –f --badsum 192.168.1.10

D.

nmap –A –n 192.168.1.10

Questions 36

A large client wants a penetration tester to scan for devices within its network that are Internet facing. The client is specifically looking for Cisco devices with no authentication requirements. Which of the following settings in Shodan would meet the client’s requirements?

Options:
A.

“cisco-ios” “admin+1234”

B.

“cisco-ios” “no-password”

C.

“cisco-ios” “default-passwords”

D.

“cisco-ios” “last-modified”

Questions 37

A penetration tester is attempting to discover live hosts on a subnet quickly.

Which of the following commands will perform a ping scan?

Options:
A.

nmap -sn 10.12.1.0/24

B.

nmap -sV -A 10.12.1.0/24

C.

nmap -Pn 10.12.1.0/24

D.

nmap -sT -p- 10.12.1.0/24

Questions 38

A penetration tester who is conducting a vulnerability assessment discovers that ICMP is disabled on a network segment. Which of the following could be used for a denial-of-service attack on the network segment?

Options:
A.

Smurf

B.

Ping flood

C.

Fraggle

D.

Ping of death

Questions 39

A penetration tester was brute forcing an internal web server and ran a command that produced the following output:

PT0-002 Question 39

However, when the penetration tester tried to browse the URL http://172.16.100.10:3000/profile , a blank page was displayed.

Which of the following is the MOST likely reason for the lack of output?

Options:
A.

The HTTP port is not open on the firewall.

B.

The tester did not run sudo before the command.

C.

The web server is using HTTPS instead of HTTP.

D.

This URI returned a server error.

Questions 40

A penetration tester needs to access a building that is guarded by locked gates, a security team, and cameras. Which of the following is a technique the tester can use to gain access to the IT framework without being detected?

Options:
A.

Pick a lock.

B.

Disable the cameras remotely.

C.

Impersonate a package delivery worker.

D.

Send a phishing email.