Exam Details

  • Exam Code: PT1-002
  • Exam Name: CompTIA PenTest+ Certification Exam
  • Certification: CompTIA PenTest+
  • Vendor: CompTIA
  • Total Questions: 131 Q&As
  • Last Updated: Oct 28, 2024

CompTIA PenTest+ PT1-002 Questions & Answers

  • Question 81:

    A penetration tester wants to scan a target network without being detected by the client's IDS. Which of the following scans is MOST likely to avoid detection?

    A. nmap -p0 -T0 -sS 192.168.1.10

    B. nmap -sA -sV --host-timeout 60 192.168.1.10

    C. nmap -f --badsum 192.168.1.10

    D. nmap -A -n 192.168.1.10

  • Question 82:

    A penetration tester discovers during a recent test that an employee in the accounting department has been making changes to a payment system and redirecting money into a personal bank account. The penetration test was immediately stopped. Which of the following would be the BEST recommendation to prevent this type of activity in the future?

    A. Enforce mandatory employee vacations

    B. Implement multifactor authentication

    C. Install video surveillance equipment in the office

    D. Encrypt passwords for bank account information

  • Question 83:

    Which of the following tools provides Python classes for interacting with network protocols?

    A. Responder

    B. Impacket

    C. Empire

    D. PowerSploit

  • Question 84:

    A penetration tester has obtained shell access to a Windows host and wants to run a specially crafted binary for later execution using the wmic.exe process call create function. Which of the following OS or filesystem mechanisms is MOST likely to support this objective?

    A. Alternate data streams

    B. PowerShell modules

    C. MP4 steganography

    D. PsExec

  • Question 85:

    A mail service company has hired a penetration tester to conduct an enumeration of all user accounts on an SMTP server to identify whether previous staff member accounts are still active. Which of the following commands should be used to accomplish the goal?

    A. VRFY and EXPN

    B. VRFY and TURN

    C. EXPN and TURN

    D. RCPT TO and VRFY

  • Question 86:

    A software development team is concerned that a new product's 64-bit Windows binaries can be deconstructed to the underlying code. Which of the following tools can a penetration tester utilize to help the team gauge what an attacker might see in the binaries?

    A. Immunity Debugger

    B. OllyDbg

    C. GDB

    D. Drozer

  • Question 87:

    A penetration tester is scanning a corporate lab network for potentially vulnerable services. Which of the following Nmap commands will return vulnerable ports that might be interesting to a potential attacker?

    A. nmap 192.168.1.1-5 -PU22-25,80

    B. nmap 192.168.1.1-5 -PA22-25,80

    C. nmap 192.168.1.1-5 -PS22-25,80

    D. nmap 192.168.1.1-5 -Ss22-25,80

  • Question 88:

    A penetration tester has identified several newly released CVEs on a VoIP call manager. The scanning tool the tester used determined the possible presence of the CVEs based off the version number of the service. Which of the following methods would BEST support validation of the possible findings?

    A. Manually check the version number of the VoIP service against the CVE release

    B. Test with proof-of-concept code from an exploit database

    C. Review SIP traffic from an on-path position to look for indicators of compromise

    D. Utilize an nmap -sV scan against the service

  • Question 89:

    A penetration tester has obtained root access to a Linux-based file server and would like to maintain persistence after reboot. Which of the following techniques would BEST support this objective?

    A. Create a one-shot systemd service to establish a reverse shell.

    B. Obtain /etc/shadow and brute force the root password.

    C. Run the nc -e /bin/sh <...> command.

    D. Move laterally to create a user account on LDAP

  • Question 90:

    A penetration tester obtained the following results after scanning a web server using the dirb utility:

    ...

    GENERATED WORDS: 4612

    ---- Scanning URL: http://10.2.10.13/ ---

    + http://10.2.10.13/about (CODE:200|SIZE:1520)

    + http://10.2.10.13/home.html (CODE:200|SIZE:214)

    + http://10.2.10.13/index.html (CODE:200|SIZE:214)

    + http://10.2.10.13/info (CODE:200|SIZE:214)

    ...

    DOWNLOADED: 4612 - FOUND: 4

    Which of the following elements is MOST likely to contain useful information for the penetration tester?

    A. index.html

    B. about

    C. info

    D. home.html

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more and more important, and more and more enterprises require them when you apply for a job. But how do you prepare for the exam effectively? How do you prepare in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only CompTIA exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are unsure about your PT1-002 exam preparation or CompTIA certification application, do not hesitate to visit Vcedump.com to find your solutions.