CompTIA PT0-002 Online Practice Questions and Exam Preparation

CompTIA PT0-002 Online Questions & Answers

• Question 211:

  Which of the following is the activity that is typically required the MOST during the post-engagement cleanup phase?

  A. Removing shells
  B. Launching new attacks
  C. Documenting vulnerabilities
  D. Requesting payment
  A. Removing shells

  ---

  Explanation

• Question 212:

  Which of the following is a regulatory compliance standard that focuses on user privacy by implementing the right to be forgotten?

  A. NIST SP 800-53
  B. ISO 27001
  C. GDPR
  C. GDPR

  ---

  Explanation

  GDPR is a regulatory compliance standard that focuses on user privacy by implementing the right to be forgotten. GDPR stands for General Data Protection Regulation, and it is a law that applies to the European Union and the United Kingdom. GDPR gives individuals the right to request their personal data be deleted by data controllers and processors under certain circumstances, such as when the data is no longer necessary, when the consent is withdrawn, or when the data was unlawfully processed. GDPR also imposes other obligations and rights related to data protection, such as data minimization, data portability, data breach notification, and consent management. The other options are not regulatory compliance standards that focus on user privacy by implementing the right to be forgotten. NIST SP 800-53 is a set of security and privacy controls for federal information systems and organizations in the United States. ISO 27001 is an international standard that specifies the requirements for an information security management system.

• Question 213:

  A Chief Information Security Officer wants a penetration tester to evaluate the security awareness level of the company's employees.

  Which of the following tools can help the tester achieve this goal?

  A. Metasploit
  B. Hydra
  C. SET
  D. WPScan
  A. Metasploit

  ---

  Explanation

• Question 214:

  Which of the following methods is most effective for securing a wireless network by limiting unauthorized access from outside the building?

  A. Configure to stop broadcasting the SSID
  B. Using directional antennas
  C. Using WEP encryption
  D. Disabling Wi-Fi
  B. Using directional antennas

  ---

  Explanation

  Directional antennas can limit the signal range to reduce unauthorized access from outside the building. Other options, such as WEP, are outdated and insecure, and stopping SSID broadcast does not prevent network access. This aligns with CompTIA Pentest+ objectives under wireless security and hardening techniques.

  uk.co.certification.simulator.questionpool.PList@251f2c23

• Question 215:

  Which of the following is the MOST important information to have on a penetration testing report that is written for the developers?

  A. Executive summary
  B. Remediation
  C. Methodology
  D. Metrics and measures
  B. Remediation

  ---

  Explanation

  The most important information to have on a penetration testing report that is written for the developers is remediation. Remediation is the process of fixing or mitigating the vulnerabilities or issues that were discovered during the penetration testing. Remediation should include specific recommendations, best practices, and resources to help the developers improve the security of their applications4.

• Question 216:

  Given the following output:

  User-agent:*

  Disallow: /author/

  Disallow: /xmlrpc.php

  Disallow: /wp-admin

  Disallow: /page/

  During which of the following activities was this output MOST likely obtained?

  A. Website scraping
  B. Website cloning
  C. Domain enumeration
  D. URL enumeration
  D. URL enumeration

  ---

  Explanation

  URL enumeration is the activity of discovering and mapping the URLs of a website, such as directories, files, parameters, or subdomains. URL enumeration can help to identify the structure, content, and functionality of a website, as well as potential vulnerabilities or misconfigurations. One of the methods of URL enumeration is to analyze the robots.txt file of a website, which is a text file that tells search engine crawlers which URLs the crawler can or can't request from the site1. The output shown in the question is an example of a robots.txt file that disallows crawling of certain URLs, such as /author/, /xmlrpc.php, /wp-admin, or /page/.

• Question 217:

  A penetration tester discovers passwords in a publicly available data breach during the reconnaissance phase of the penetration test. Which of the following is the best action for the tester to take?

  A. Add the passwords to an appendix in the penetration test report.
  B. Do nothing. Using passwords from breached data is unethical.
  C. Contact the client and inform them of the breach.
  D. Use the passwords in a credential stuffing attack when the external penetration test begins.
  C. Contact the client and inform them of the breach.

  ---

  Explanation

• Question 218:

  A penetration tester developed the following script to be used during an engagement:

  #!/usr/bin/python

  import socket, sys

  ports = [21, 22, 23, 25, 80, 139, 443, 445, 3306, 3389]

  if len(sys.argv) > 1:

  target = socket.gethostbyname (sys. argv [0])

  else:

  print ("Few arguments.")

  print ("Syntax: python {} ". format (sys. argv [0]))

  sys.exit ()

  try:

  for port in ports:

  s = socket. socket (socket. AF_INET, socket. SOCK_STREAM)

  settimeout (2)

  result = s.connect_ex ((target, port) )

  if result == 0:

  print ("Port {} is opened". format (port) )

  except KeyboardInterrupt:

  print ("\nExiting ... ")

  sys.exit ()

  However, when the penetration tester ran the script, the tester received the following message:

  socket.gaierror: [Errno -2] Name or service not known

  Which of the following changes should the penetration tester implement to fix the script?

  A. From: target = socket.gethostbyname (sys. argv [0]) To: target = socket.gethostbyname (sys.argv[1])
  B. From: s = socket. socket (socket. AF_INET, socket. SOCK_STREAM) To: s = socket.socket (socket.AF_INET, socket. SOCK_DGRAM)
  C. From: import socket, sys To: import socket import sys
  D. From: result = s.connect_ex ((target, port) ) To: result = s.connect ( (target, port) )
  A. From: target = socket.gethostbyname (sys. argv [0]) To: target = socket.gethostbyname (sys.argv[1])

  ---

  Explanation

  The socket.gaierror: [Errno -2] Name or service not known is an error that occurs when the socket module cannot resolve the hostname or IP address given as an argument. In this case, the script is using sys.argv[0] as the argument for socket.gethostbyname, which is the name of the script itself, not the target IP address. The target IP address should be the first command-line argument after the script name, which is sys.argv1. Therefore, changing the script to use sys.argv1 as the argument for socket.gethostbyname will fix the error and allow the script to scan the ports of the target IP address.

• Question 219:

  Which of the following tools can a penetration tester use to brute force a user password over SSH using multiple threads?

  A. CeWL
  B. John the Ripper
  C. Hashcat
  D. Hydra
  D. Hydra

  ---

  Explanation

  Hydra is a powerful tool for conducting brute-force attacks against various protocols, including SSH. It is capable of using multiple threads to perform concurrent attempts, significantly increasing the efficiency of the attack. This capability makes Hydra particularly suited for brute-forcing user passwords over SSH, as it can quickly try numerous combinations of usernames and passwords. The tool's ability to support a wide range of protocols, its flexibility in handling different authentication mechanisms, and its efficiency in managing multiple simultaneous connections make it a go-to choice for penetration testers looking to test the strength of passwords in a target system's SSH service.

• Question 220:

  User credentials were captured from a database during an assessment and cracked using rainbow tables.

  Based on the ease of compromise, which of the following algorithms was MOST likely used to store the passwords in the database?

  A. MD5
  B. bcrypt
  C. SHA-1
  D. PBKDF2
  A. MD5

  ---

  Explanation

  https://www.geeksforgeeks.org/understanding-rainbow-table-attack/