Exam Details

  • Exam Code: PT0-001
  • Exam Name: CompTIA PenTest+ Exam
  • Certification: CompTIA PenTest+
  • Vendor: CompTIA
  • Total Questions: 306 Q&As
  • Last Updated: Apr 01, 2024

CompTIA PenTest+ PT0-001 Questions & Answers

  • Question 31:

    While presenting the results of a penetration test to a client's executive team, the Chief Information Security Officer (CISO) asks for remediation advice for a shared local administrator finding. The client is geographically dispersed, and centralized management is a key concern. Which of the following is the BEST remediation to suggest?

    A. Have random and unique credentials per system.

    B. Disable the administrator login from the network.

    C. Use a service account for administrative functions.

    D. Implement a single rotating password for systems.

  • Question 32:

    A penetration tester attempts to perform a UDP port scan against a remote target using an Nmap tool installed onto a non-Kali Linux image. For some reason, the UDP scan fails to start. Which of the following would MOST likely help to resolve the issue?

    A. Install the latest version of the tool.

    B. Review local iptables for existing drop rules.

    C. Relaunch the tool with elevated privileges.

    D. Enable both IPv4 and IPv6 forwarding.

  • Question 33:

    A penetration tester has access to a local machine running Linux, but the account has limited privileges. Which of the following types of files could the tester BEST use for privilege escalation?

    A. Binaries stored in /usr/bin

    B. Files with permission 4xxx

    C. Files stored in /root directory

    D. Files with the wrong ACL rules configured

  • Question 34:

    A penetration tester has SSH access to a Linux server that is exposed to the internet and has access to a corporate internal network. This server, with IP address 200.111.111.9, only has port TCP 22 externally opened. The penetration tester also discovered the internal IP address 192.168.1.5 from a Windows server. Which of the following steps should the penetration tester follow to open an RDP connection to this Windows server and to try to log on?

    A. Connect to the Linux server using # ssh 200.111.111.9, establish an RDP connection to the 192.168.1.5 address.

    B. Connect to the Windows server using # ssh -L 3389:200.111.111.9:22 192.168.1.5.

    C. Connect to the Linux server using # ssh -L 3389:192.168.1.5:3389 200.111.111.9; RDP to localhost address, port 3389.

    D. Connect to the Windows server using # ssh -L 22:200.111.111.9:3389 192.168.1.5.

  • Question 35:

    A penetration tester is preparing for an assessment of a web server's security, which is used to host several sensitive web applications. The web server is PKI protected, and the penetration tester reviews the certificate presented by the server during the SSL handshake. Which of the following certificate fields or extensions would be of MOST use to the penetration tester during an assessment?

    A. Subject key identifier

    B. Subject alternative name

    C. Authority information access

    D. Service principal name

  • Question 36:

    After delivering a draft of a penetration test report, a development team has raised concerns about an issue categorized as "high." A cloud storage bucket is configured to allow read access to the public, but writing to objects within the bucket is restricted to authorized users. The bucket contains only publicly available images that can already be found on the application homepage. Which of the following severity levels should the penetration tester consider?

    A. Critical

    B. Medium

    C. Informational

    D. Low

  • Question 37:

    A penetration tester is outside of an organization's network and is attempting to redirect users to a fake password reset website hosted on the penetration tester's box. Which of the following techniques is suitable to attempt this?

    A. Employ NBNS poisoning.

    B. Perform ARP spoofing.

    C. Conduct a phishing campaign.

    D. Use an SSL downgrade attack.

  • Question 38:

    A penetration tester entered the following information into the browser URL:

    https://www.example.com/login.php?file=../../../../../../../etc/passwd

    The server responded with the data contained in the server's sensitive data file. Which of the following types of vulnerabilities is MOST likely being exploited?

    A. Weak credentials

    B. Race conditions

    C. Directory traversal

    D. Command injection

  • Question 39:

    Which of the following is an important stakeholder to notify when penetration testing has begun?

    A. System owner

    B. Remediation manager

    C. Compliance assessor

    D. Patching team

  • Question 40:

    A penetration tester is scoping an engagement with a company that provided a list of firewall rules and a digital network diagram. Which of the following tests would require this data?

    A. Network segmentation test

    B. Network penetration test

    C. Network vulnerability scan

    D. Network baseline test
