
CompTIA PT0-002 - CompTIA PenTest+ Certification Exam

Total 464 questions

A penetration tester opened a reverse shell on a Linux web server and successfully escalated privileges to root. During the engagement, the tester noticed that another user logged in frequently as root to perform work tasks. To avoid disrupting this user’s work, which of the following is the BEST option for the penetration tester to maintain root-level persistence on this server during the test?

A. Add a web shell to the root of the website.

B. Upgrade the reverse shell to a true TTY terminal.

C. Add a new user with ID 0 to the /etc/passwd file.

D. Change the password of the root user and revert after the test.

A security analyst needs to perform an on-path attack on BLE smart devices. Which of the following tools would be BEST suited to accomplish this task?

A. Wireshark

B. Gattacker

C. tcpdump

D. Netcat

A penetration tester who was exclusively authorized to conduct a physical assessment noticed there were no cameras pointed at the dumpster for the company. The penetration tester returned at night and collected garbage that contained receipts for recently purchased networking equipment. The models of equipment purchased are vulnerable to attack. Which of the following is the most likely next step for the penetration tester?

A. Alert the target company of the discovered information.

B. Verify the discovered information is correct with the manufacturer.

C. Scan the equipment and verify the findings.

D. Return to the dumpster for more information.

Which of the following BEST explains why a penetration tester cannot scan a server that was previously scanned successfully?

A. The IP address is wrong.

B. The server is unreachable.

C. The IP address is on the blocklist.

D. The IP address is on the allow list.

The following output is from reconnaissance on a public-facing banking website:

Based on these results, which of the following attacks is MOST likely to succeed?

A. A birthday attack on 64-bit ciphers (Sweet32)

B. An attack that breaks RC4 encryption

C. An attack on a session ticket extension (Ticketbleed)

D. A Heartbleed attack

Which of the following situations would require a penetration tester to notify the emergency contact for the engagement?

A. The team exploits a critical server within the organization.

B. The team exfiltrates PII or credit card data from the organization.

C. The team loses access to the network remotely.

D. The team discovers another actor on a system on the network.

Which of the following concepts defines the specific set of steps and approaches that are conducted during a penetration test?

A. Scope details

B. Findings

C. Methodology

D. Statement of work

SIMULATION

Using the output, identify potential attack vectors that should be further investigated.

A penetration tester gains access to a system and is able to migrate to a user process:

Given the output above, which of the following actions is the penetration tester performing? (Choose two.)

A. Redirecting output from a file to a remote system

B. Building a scheduled task for execution

C. Mapping a share to a remote system

D. Executing a file on the remote system

E. Creating a new process on all domain systems

F. Setting up a reverse shell from a remote system

G. Adding an additional IP address on the compromised system

A penetration tester is conducting an engagement against an internet-facing web application and planning a phishing campaign. Which of the following is the BEST passive method of obtaining the technical contacts for the website?

A. WHOIS domain lookup

B. Job listing and recruitment ads

C. SSL certificate information

D. Public data breach dumps