An Internet-accessible database server was found with the following ports open: 22, 53, 110, 1433, and 3389. Which of the following would be the BEST hardening technique to secure the server?
A. Ensure all protocols are using encryption.A software developer wants to test the code of an application for vulnerabilities. Which of the following processes should the software developer perform?
A. Vulnerability scanA penetration tester is able to move laterally throughout a domain with minimal roadblocks after compromising a single workstation.
Which of the following mitigation strategies would be BEST to recommend in the report? (Select THREE).
A. Randomize local administrator credentials for each machine.During a full-scope security assessment, which of the following is a prerequisite to social engineer a target by physically engaging them?
A. Locating emergency exitsA penetration tester is using the Onesixtyone tool on Kali Linux to try to exploit the SNMP protocol on a target that has SNMP enabled Which of the following types of attacks is the penetration tester performing?
A. Buffer overflow attackA penetration testing company is performing a penetration test against Company A. Company A has provided the IP address range 10.0.0.0/24 as its in-scope network range. During the information gathering phase, the penetration tester is asked to conduct active information-gathering techniques. Which of the following is the BEST tool to use for active information gathering?
A. hping3During a web application assessment, a penetration tester discovers that arbitrary commands can be executed on the server. Wanting to take this attack one step further, the penetration tester begins to explore ways to gain a reverse shell back to the attacking machine at 192.168.1.5. Which of the following are possible ways to do so? (Select TWO).
A. nc 192.168.1.5 44444A penetration tester was able to retrieve the initial VPN user domain credentials by phishing a member of the IT department. Afterward, the penetration tester obtained hashes over the VPN and easily cracked them using a dictionary attack Which of the following remediation steps should be recommended? (Select THREE)
A. Mandate all employees take security awareness trainingA company's corporate policies state that employees are able to scan any global network as long as it is done within working hours. Government laws prohibit unauthorized scanning. Which of the following should an employee abide by?
A. Company policies must be followed in this situationA web application scanner reports that a website is susceptible to clickjacking. Which of the following techniques would BEST prove exploitability?
A. Redirect the user with a CSRF.Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your PT0-001 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.