Free CompTIA PT0-002 Exam Dumps and PT0-002 Exam Questions

Question No: 1

MultipleChoice

A penetration tester has been provided with only the public domain name and must enumerate additional information for the public-facing assets.

INSTRUCTIONS

Select the appropriate answer(s), given the output from each section.

Output 1

Options

ASee all the solutions below in Explanation

Question No: 2

MultipleChoice

You are a penetration tester running port scans on a server.

INSTRUCTIONS

Part 1: Given the output, construct the command that was used to generate this output from the available options.

Part 2: Once the command is appropriately constructed, use the given output to identify the potential attack vectors that should be investigated further.

If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Options

ASee explanation below

Question No: 3

MultipleChoice

A penetration tester discovers that a web server within the scope of the engagement has already been compromised with a backdoor. Which of the following should the penetration tester do NEXT?

Options

AForensically acquire the backdoor Trojan and perform attribution

BUtilize the backdoor in support of the engagement

CContinue the engagement and include the backdoor finding in the final report

DInform the customer immediately about the backdoor

Question No: 4

MultipleChoice

The results of an Nmap scan are as follows:

Nmap scan report for ( 10.2.1.22 )

Host is up (0.0102s latency).

Not shown: 998 filtered ports

Port State Service

80/tcp open http

|_http-title: 80F 22% RH 1009.1MB (text/html)

|_http-slowloris-check:

| VULNERABLE:

| Slowloris DoS Attack

| <..>

Device type: bridge|general purpose

Running (JUST GUESSING) : QEMU (95%)

OS CPE: cpe:/a:qemu:qemu

No exact OS matches found for host (test conditions non-ideal).

Nmap done: 1 IP address (1 host up) scanned in 107.45 seconds

Which of the following device types will MOST likely have a similar response? (Choose two.)

Options

ANetwork device

BPublic-facing web server

CActive Directory domain controller

DIoT/embedded device

EExposed RDP

FPrint queue

Question No: 5

MultipleChoice

Using the output, identify potential attack vectors that should be further investigated.

Options

AExplanation:
1: Null session enumeration
Weak SMB file permissions
Fragmentation attack
2: nmap
-sV
-p 1-1023
192.168.2.2
3: #!/usr/bin/python
export $PORTS = 21,22
for $PORT in $PORTS:
try:
s.connect((ip, port))
print(''%s:%s -- OPEN'' % (ip, port))
except socket.timeout
print(''%:%s -- TIMEOUT'' % (ip, port))
except socket.error as e:
print(''%:%s -- CLOSED'' % (ip, port))
finally
s.close()
port_scan(sys.argv[1], ports)

Question No: 6

MultipleChoice

A penetration tester was brute forcing an internal web server and ran a command that produced the following output:

Which of the following is the MOST likely reason for the lack of output?

Options

AThe HTTP port is not open on the firewall.

BThe tester did not run sudo before the command.

CThe web server is using HTTPS instead of HTTP.

DThis URI returned a server error.

Question No: 7

MultipleChoice

A penetration tester conducted an assessment on a web server. The logs from this session show the following:

Which of the following attacks is being attempted?

Options

AClickjacking

BSession hijacking

CParameter pollution

DCookie hijacking

ECross-site scripting

Question No: 8

MultipleChoice

A penetration tester performs the following command:

Which of the following snippets of output will the tester MOST likely receive?

Options

AOption A

BOption B

COption C

DOption D

Question No: 9

MultipleChoice

A penetration tester obtained the following results after scanning a web server using the dirb utility:

...

GENERATED WORDS: 4612

...

DOWNLOADED: 4612 -- FOUND: 4

Which of the following elements is MOST likely to contain useful information for the penetration tester?

Options

Aindex.html

Babout

Cinfo

Dhome.html