MK0-201 Exam Details

  • Exam Code
    :MK0-201
  • Exam Name
    :Certified Penetration Testing Specialist (CPTS)
  • Certification
    :Mile2 Certifications
  • Vendor
    :Mile2
  • Total Questions
    :247 Q&As
  • Last Updated
    :Jul 14, 2026

Mile2 MK0-201 Online Questions & Answers

  • Question 21:

    A TCP connect Scan which is also called a Vanilla TCP port scan will send a SYN packet to ports sequentially to see which are open. Using the Vanilla TCP Port Scan, what would be expected as a response from a port that is open?

    A. FIN
    B. SYN/ACK
    C. RST/ACT
    D. ACK

  • Question 22:

    Yannick who is a very smart security tester has mentioned to one of his friends that he has found a way of appending data to an existing file using the built in Windows tools and no third party utility. This text appended does not affect the functionality,size,or display within traditional file browsing utilities such as dir or Internet Explorer.What is Yannick making reference to in this case?

    A. Steganography
    B. Hybrid Encryption
    C. Alternate Data Streams
    D. Append.exe

  • Question 23:

    Types of potential vulnerabilities that are commonly scanned for include:(Choose All that Apply)

    A. Password vulnerabilities
    B. Weak operating system and application default settings
    C. Common configuration and coding mistakes
    D. Protocol vulnerabilities (such as the TCP/IP stack vulnerabilities)
    E. Physical observation of the target building

  • Question 24:

    Nathalie,an employee of Corporation XYZ, has notice that Bob,one of her coworkers,has been abusing company assets and resources for his own personal gain. According to good ethics values,what should Nathalie do in this case?

    A. Immediately install a network sniffer and keystroke recorder to monitor Bobs activities.
    B. Retaliate by abusing Bobs resources; he does it to the company,hence why not do it against Bob himself.
    C. Report Bob to upper management where a decision about a course of action can be made along with the HR and Legal department.
    D. Nathalie should not get involved;this is none of her business. she should simply continue her work day and wait unit he gets caught.

  • Question 25:

    A null session allows users to connect remotely to other Windows computers on the network.According to the implementation of NULL Session on Windows platforms,how long would the password be in order to establish a NULL Session?

    A. At least 8 Characters
    B. A passphrase is used not a password
    C. There is no password involved
    D. Windows makes use of Digital Signature in such case,not passwords

  • Question 26:

    A system administrator deploys a Windows-based server in a publicly-accessible DMZ.The sole purpose of this machine is to run IIS and allow anonymous access.After a few days the security log is full of failed login against the Administrator account.What is the best strategy to totally prevent future password guessing attempts? Choose the best answer.

    A. Enable account lockout
    B. Change the Administrator password to be even longer
    C. Remove File and Print Sharing for Microsoft Networks on the network adapter
    D. Configure the security policy to shut down the system when the event log is full

  • Question 27:

    Intrusion Detection Systems have multiple ways to decode the information.

    Which of the following definitions would best describe Protocol Anomaly Detection within an Intrusion Detection System (IDS) engine?

    A. Interprets the attack as the victim would for greater accuracy
    B. Identifies attacks that are based on condition,not patterns
    C. Compares traffic to RFC standards and reports deviations
    D. Identifies traffic that breaks policy or is not normal for network

  • Question 28:

    When referring to the prevalence of online computer crimes,which of the following would NOT be a factor that contributes to the proliferation or computer crimes?

    A. Widespread availability of computers
    B. Widespread availability of hacking tools
    C. The media and press coverage of incidents glamorizing hackers
    D. The laws and penalties associated with online crimes

  • Question 29:

    Which of the following would best represent the definition of a Penetration Test?

    A. Testing of the effectiveness of applied security controls by breaking in and bypassing them.
    B. Testing of the policies in place to see how compliant a company is with its own control definition.
    C. Testing the effectiveness of applied security controls by evaluating vulnerabilities and reporting them to the client.
    D. Testing the effectiveness of access control mechanisms by constant and deep inspection of all log files.Also called Deep Packet Inspection.

  • Question 30:

    One of the challenges when doing large scale security tests is the time required.

    If you have to scan a class B network it might take you a very long time. Scanrand is a tool that has been optimized to scan a large number of hosts in very little time.It was reported that it was used to scan about 8300 web servers in less than

    4 seconds.

    How does scanrand achieve such an impressive benchmark?

    A. It does not maintain any state
    B. It makes use of multiple Network Interface Cards (NIC)
    C. It has a probabilistic algorithm that can predict if a port is open or not
    D. It does not attempt to use UDP due to the overhead involved

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Mile2 exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your MK0-201 exam preparations and Mile2 certification application, do not hesitate to visit our Vcedump.com to find your solutions here.