PT0-002試験無料問題集（460題）「CompTIA PenTest+ Certification 認定」

出題：1

A penetration tester wants to find hidden information in documents available on the web at a particular domain. Which of the following should the penetration tester use?

A. FOCA

B. CentralOps

C. Responder

D. Netcraft

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：2

A penetration tester issues the following command after obtaining a low-privilege reverse shell: wmic service get name,pathname,startmode
Which of the following is the most likely reason the penetration tester ran this command?

A. To search for passwords in the service directory

B. To find services that have unquoted service paths

C. To list scheduled tasks that may be exploitable

D. To register a service to run as System

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：3

After running the enum4linux.pl command, a penetration tester received the following output:
Which of the following commands should the penetration tester run NEXT?

A. smbget //192.168.100.56/web -U ''

B. smbspool //192.160.100.56/print$

C. net rpc share -S 192.168.100.56 -U ''

D. smbclient //192.168.100.56/web -U '' -N

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：4

A penetration tester is attempting to discover live hosts on a subnet quickly.
Which of the following commands will perform a ping scan?

A. nmap -sn 10.12.1.0/24

B. nmap -sT -p- 10.12.1.0/24

C. nmap -sV -A 10.12.1.0/24

D. nmap -Pn 10.12.1.0/24

正解：A 解答を投票する

出題：5

A penetration tester has gained access to the Chief Executive Officer's (CEO's) internal, corporate email. The next objective is to gain access to the network.
Which of the following methods will MOST likely work?

A. Move laterally from the mail server to the domain controller.

B. Send an email from the CEO's account, requesting a new account.

C. Attempt to escalate privileges on the mail server to gain root access.

D. Try to obtain the private key used for S/MIME from the CEO's account.

正解：C 解答を投票する

出題：6

A penetration tester gains access to a web server and notices a large number of devices in the system ARP table. Upon scanning the web server, the tester determines that many of the devices are user ...ch of the following should be included in the recommendations for remediation?

A. Implement endpoint protection on the workstations

B. patch-management program for the web server.

C. the web server in a screened subnet

D. training program on proper access to the web server

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：7

Penetration tester has discovered an unknown Linux 64-bit executable binary. Which of the following tools would be BEST to use to analyze this issue?

A. OllyDbg

B. Peach

C. GDB

D. WinDbg

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：8

During a vulnerability scanning phase, a penetration tester wants to execute an Nmap scan using custom NSE scripts stored in the following folder:
/home/user/scripts

Which of the following commands should the penetration tester use to perform this scan?

A. nmap script default safe

B. nmap resume "not intrusive"

C. nmap script /home/user/scripts

D. nmap -load /home/user/scripts

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：9

A penetration tester developed the following script:
bash
Copy code
for ip in $(seq 1 254);
do echo $(echo "192.168.15.$ip ") $(host 192.168.15.$ip dns.company.com | grep "domain name pointer")
done | grep "domain name pointer" | cut -d" " -f1,6
Which of the following best explains the purpose of this script?

A. To search for DNS servers among the IP addresses in a subnet

B. To query the DNS for IP addresses and corresponding hostnames in a subnet

C. To ping every IP address in a subnet to discover live hosts

D. To output a list of all IP addresses in a subnet for later scanning

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：10

Given the following code:
Which of the following data structures is systems?

A. A tuple

B. A dictionary

C. An array

D. A tree

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：11

During an assessment, a penetration tester found an application with the default credentials enabled. Which of the following best describes the technical control required to fix this issue?

A. Password encryption

B. Patch management

C. System hardening

D. Multifactor authentication

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：12

A penetration tester enters a command into the shell and receives the following output:
C:\Users\UserX\Desktop>vmic service get name, pathname, displayname, startmode | findstr /i auto | findstr /i /v |C:\\Windows\\" I findstr /i /v""
VulnerableService Some Vulnerable Service C:\Program Files\A Subfolder\B Subfolder\SomeExecutable.exe Automatic
Which of the following types of vulnerabilities does this system contain?

A. Writable services

B. Insecure file/folder permissions

C. Clear text credentials

D. Unquoted service path

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：13

After gaining access to a Linux system with a non-privileged account, a penetration tester identifies the following file:

Which of the following actions should the tester perform FIRST?

A. Change the file permissions.

B. Use privilege escalation.

C. Cover tracks.

D. Start a reverse shell.

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：14

A penetration tester is reviewing the following DNS reconnaissance results for comptia.org from dig:
comptia.org. 3569 IN MX comptia.org-mail.protection.outlook.com. comptia.org. 3569 IN A 3.219.13.186. comptia.org.
3569 IN NS ns1.comptia.org. comptia.org. 3569 IN SOA haven. administrator.comptia.org. comptia.org. 3569 IN MX new.mx0.comptia.org. comptia.org. 3569 IN MX new.mx1.comptia.org.
Which of the following potential issues can the penetration tester identify based on this output?

A. There is a duplicate MX record.

B. The SOA records outside the comptia.org domain.

C. At least one of the records is out of scope.

D. The NS record is not within the appropriate domain.

正解：C 解答を投票する

出題：15

A penetration tester is performing an assessment for an application that is used by large organizations operating in the heavily regulated financial services industry. The penetration tester observes that the default Admin User account is enabled and appears to be used several times a day by unfamiliar IP addresses. Which of the following is the most appropriate way to remediate this issue?

A. Implement system hardening.

B. Require local network access.

C. Restrict simultaneous user log-ins.

D. Increase password complexity.

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：16

In an unprotected network file repository, a penetration tester discovers a text file containing usernames and passwords in cleartext and a spreadsheet containing data for 50 employees, including full names, roles, and serial numbers. The tester realizes some of the passwords in the text file follow the format: <name- serial_number>. Which of the following would be the best action for the tester to take NEXT with this information?

A. Recommend configuring password complexity rules in all the systems and applications.

B. Create a custom password dictionary as preparation for password spray testing.

C. Document the unprotected file repository as a finding in the penetration-testing report.

D. Recommend using a password manage/vault instead of text files to store passwords securely.

正解：C 解答を投票する

PT0-002試験無料問題集「CompTIA PenTest+ Certification 認定」