A file contains several hashes. Which of the following can be used in a pass-the-hash attack?
A. NTLMv2Which of the following attacks is commonly combined with cross-site scripting for session hijacking?
A. CSRFGiven the following: http://example.com/download.php?id-.../.../.../etc/passwd Which of the following BEST describes the above attack?
A. Malicious file upload attackAfter several attempts, an attacker was able to gain unauthorized access through a biometric sensor using the attacker's actual fingerprint without exploitation. Which of the following is the MOST likely explanation of what happened?
A. The biometric device is tuned more toward false positivesAfter establishing a shell on a target system, Joe, a penetration tester is aware that his actions have not been detected. He now wants to maintain persistent access to the machine. Which of the following methods would be MOST easily detected?
A. Run a zero-day exploit.A client has scheduled a wireless penetration test. Which of the following describes the scoping target information MOST likely needed before testing can begin?
A. The physical location and network ESSIDs to be testedA company planned for and secured the budget to hire a consultant to perform a web application penetration test. Upon discovered vulnerabilities, the company asked the consultant to perform the following tasks:
Code review Updates to firewall setting
A. Scope creepA penetration tester is outside of an organization's network and is attempting to redirect users to a fake password reset website hosted on the penetration tester's box. Which of the following techniques is suitable to attempt this?
A. Employ NBNS poisoning.During a penetration test, a tester runs a phishing campaign and receives a shell from an internal PC running Windows 10 OS. The tester wants to perform credential harvesting with Mimikatz.
Which of the following registry changes would allow for credential caching in memory?
A. reg add HKLM\System\ControlSet002\Control\SecurityProviders\WDigest /v userLogoCredential /t REG_DWORD /d 0A penetration tester is scanning a network for SSH and has a list of provided targets. Which of the following Nmap commands should the tester use?
A. nmap -p 22 -iL targetsNowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your PT0-001 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.