MK0-201 Exam Details

  • Exam Code
    :MK0-201
  • Exam Name
    :Certified Penetration Testing Specialist (CPTS)
  • Certification
    :Mile2 Certifications
  • Vendor
    :Mile2
  • Total Questions
    :247 Q&As
  • Last Updated
    :Jul 14, 2026

Mile2 MK0-201 Online Questions & Answers

  • Question 171:

    What Windows techonology should prevent SMB Relay from sniffing user credentials in a man in the middle attack?Choose the best answer.

    A. Windows Update
    B. SMB Signing
    C. NetBIOS over TCP
    D. SYSKEY

  • Question 172:

    When doing an ACK flag scanning the target host is sent TCP packets with the ACK flag set and the reply is then analyzed.

    Which of the following items within the response packets would be used to determine if the port was open on the remote host?(Choose two)

    A. The Time To Live field
    B. The source port
    C. The destination port
    D. The Window field

  • Question 173:

    Which of the following could be countermeasures to scanning?Choose all that apply.

    A. Drop all traffic destined directly at the firewall
    B. Disable all ICMP packets at exterior gateways
    C. Use a firewall ruleset that leads to many false positives and thus security through obscurity
    D. Permit UDP port 500 packets at the firewall

  • Question 174:

    Which tools are capable of capturing Kerberos domain authentication credentials and then running either dictionary or brute force offline password cracking?Choose two.

    A. LC5
    B. Cain and Abel
    C. Ettercap
    D. Kerbsniff and kerbcrack

  • Question 175:

    Which of the following scanning methods would be the most stealthy and best at hiding the source of a scan?

    A. TCP Connect()
    B. Syn-Ack
    C. Fin-Ack
    D. Idlescan

  • Question 176:

    Having just downloaded a new version of Cain and Abel,you wish to monitor your network for clear text passwords being sent.

    Knowing you are currently connected to a switch you will attempt to perform an ARP poisoning attack that will let you look at all the packets and not only packets sent to your own machine.

    What would you call this type of sniffing?

    A. Passing Sniffing
    B. Active Sniffing
    C. ARP Sniffing
    D. All stations sniffing

  • Question 177:

    One of your clients has been the victim of a brute force attack against their SSH server.

    They ask you what could be done to protect their Linux servers.You propose the use of IP Tables (the built in kernel firewall) to limit connection attempts to protect their servers.You agree with your client to limit connections to the SSH port to

    a maximum of only three trials per minutes consideirng there is only one administrator who has a valid need to connect remotely onto this port.

    If the threshold of three connectors is exceeded,the attacker will have to wait for another 60 seconds before it will resume allowing connections again.

    Which of the following IP Tables entry would meet your clients needs?

    A. iptables-A INPUT -p tcp -dport 23 -m state -state NEW -m recent -update -second 60 -hitcount4 -rttl - name SSH -j DROP
    B. iptables-A INPUT -p tcp -dport 22 -m state -state NEW -m recent -update -second 60 -hit count3 -rttl - name SSH -j DROP
    C. iptables-A INPUT -p tcp -dport 22 -m state -state NEW -m recent -update -second 60 -hitcount4 -rttl - name SSH -j DROP
    D. iptables-A OUTPUT -p tcp -dport 23 -m state -state NEW -m recent -update -second 60 -hitcount4 -rttl - name SdSH -j DROP

  • Question 178:

    Under the Windows platform,there is something refered to as Null Session.

    Which of the following statements would best describe what a null session consists of?

    A. It is a session where zero bytes of traffic have been transferred
    B. It is a session where erroneous commands are being used showing the a lack of knowledge of the user connected.
    C. It is a remote session that is established anonymously to a window machine
    D. It is a anonymous FTP session under the Windows platform

  • Question 179:

    Ping utilities can be used for basic network connectivity test; the ping command sends out an ICMP Echo Request packets and the destination host will reply with an ICMP Echo Reply packets if the host is alive. However,in some cases the host might be alive and responses are not received.What is the most likely cause of such behavior?

    A. The packet suffers from time exceeded in transit
    B. The packet did not reach the destination gateway
    C. A filtering device is dropping the packets
    D. The remote device OS does not support the ping command.

  • Question 180:

    Mae i a keen system administration; she constantly monitors the mailing list for best practices that are being used out in the field.On the servers that she maintains,Mae has renamed the administrator account to another name to avoid abuse from crackers.However,she found out that it was possible using the sid2user tool to find the new name she used for the administrator account.Mae does not understand; she has NOT shared this name with anyone.How can this be?What is the most likely reason?

    A. Her system have been compromised
    B. Renaming the administrator account does not change the SID
    C. She has not applied all of the patches
    D. Someone social engineered her

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Mile2 exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your MK0-201 exam preparations and Mile2 certification application, do not hesitate to visit our Vcedump.com to find your solutions here.