CompTIA PT0-002 Exam Questions - Real Practice Questions for Guaranteed Success

Question 1

A vulnerability assessor is looking to establish a baseline of all IPv4 network traffic on the local VLAN without a local IP address. Which of the following Nmap command sequences would best provide this information?

Asudo nmap ---script=bro* -e ethO

Bsudo nmap -sF ---script=* -e ethO

Csudo nmap -sV -sT -p 0-65535 -e ethO

Dsudo nmap -sV -p 0-65535 0.0.0.0/0

Correct : A

The command sudo nmap ---script=bro* -e ethO is the best choice for establishing a baseline of all IPv4 network traffic on the local VLAN without a local IP address. The ---script=bro* specifies the use of scripts that can capture and analyze traffic, and -e ethO specifies the network interface to be used. This allows the vulnerability assessor to capture and analyze network traffic at a low level, which is essential for baseline analysis.

Nmap Scripting Engine (NSE)

Nmap Network Interface Specification

Options Selected by Other Users:

Mark Question:

Start a Discussions

Submit Your Answer:

Asudo nmap ---script=bro* -e ethO

Bsudo nmap -sF ---script=* -e ethO

Csudo nmap -sV -sT -p 0-65535 -e ethO

Dsudo nmap -sV -p 0-65535 0.0.0.0/0

0 / 1500

Question 2

An organization is using Android mobile devices but does not use MDM services. Which of the following describes an existing risk present in this scenario?

ADevice log facility does not record actions.

BEnd users have root access by default.

CUnsigned applications can be installed.

DPush notification services require internet.

Correct : C

The risk present in an organization using Android mobile devices without Mobile Device Management (MDM) services is that unsigned applications can be installed. Without MDM, there are fewer controls over the installation of applications, which increases the risk of installing malicious or unauthorized applications. MDM services typically provide a way to enforce application signing policies, preventing the installation of unsigned apps.

OWASP Mobile Security Project

NIST Mobile Device Management Guide

Options Selected by Other Users:

Mark Question:

Start a Discussions

Submit Your Answer:

ADevice log facility does not record actions.

BEnd users have root access by default.

CUnsigned applications can be installed.

DPush notification services require internet.

0 / 1500

Question 3

A penetration tester is conducting an assessment on a web application. Which of the following active reconnaissance techniques would be best for the tester to use to gather additional information about the application?

AUsing cURL with the verbose option

BCrawling UR Is using an interception proxy

CUsing Scapy for crafted requests

DCrawling URIs using a web browser

Correct : B

Crawling URIs using an interception proxy is the best active reconnaissance technique for gathering additional information about a web application. An interception proxy, such as Burp Suite or OWASP ZAP, allows the penetration tester to see and manipulate the requests and responses between the client and the server, providing detailed insights into the application's behavior, structure, and vulnerabilities. This technique is more comprehensive and controlled compared to using cURL or a web browser.

OWASP Testing Guide: Web Application Security Testing

Burp Suite Documentation

OWASP ZAP User Guide

Options Selected by Other Users:

Mark Question:

Start a Discussions

Submit Your Answer:

AUsing cURL with the verbose option

BCrawling UR Is using an interception proxy

CUsing Scapy for crafted requests

DCrawling URIs using a web browser

0 / 1500

Question 4

A penetration tester exploits a vulnerable service to gain a shell on a target server. The tester receives the following:

Directory of C:\Users\Guest 05/13/2022 09:23 PM mimikatz.exe 05/18/2022 09:24 PM mimidrv.sys 05/18/2022 09:24 PM mimilib.dll

Which of the following best describes these findings?

AIndicators of prior compromise

BPassword encryption tools

CFalse positives

DDe-escalation attempts

Correct : A

The presence of files such as mimikatz.exe, mimidrv.sys, and mimilib.dll on a target server indicates prior compromise. Mimikatz is a well-known post-exploitation tool used for extracting plaintext passwords, hash dumps, PIN codes, and Kerberos tickets from memory. These files suggest that an attacker has previously gained access to the system and used Mimikatz for credential harvesting. This is a strong indicator of a prior security breach rather than tools used for password encryption or false positives.

Mimikatz Usage and Detection

Understanding Indicators of Compromise

Options Selected by Other Users:

Mark Question:

Start a Discussions

Submit Your Answer:

AIndicators of prior compromise

BPassword encryption tools

CFalse positives

DDe-escalation attempts

0 / 1500

Question 5

During a penetration test of a server application, a security consultant found that the application randomly crashed or remained stable after opening several simultaneous connections to the application and always submitting the same packets of dat

a. Which of the following is the best sequence of steps the tester should use to understand and exploit the vulnerability?

AAttach a remote profiler to the server application. Establish a random number of connections to the server application. Send fixed packets of data simultaneously using those connections.

BAttach a remote debugger to the server application. Establish a large number of connections to the server application. Send fixed packets of data simultaneously using those connections.

CAttach a local disassembler to the server application. Establish a single connection to the server application. Send fixed packets of data simultaneously using that connection.

DAttach a remote disassembler to the server application. Establish a small number of connections to the server application. Send fixed packets of data simultaneously using those connections.

Correct : B

To understand and exploit the vulnerability causing the server application to crash or remain stable after opening several simultaneous connections, the best approach is to attach a remote debugger to the application. This allows the penetration tester to monitor the application's behavior in real-time without affecting the stability of the testing environment. Establishing a large number of connections to the server and sending fixed packets of data simultaneously can help to reproduce the issue consistently, which is crucial for identifying the cause of the crashes. Analyzing the application's response and debugging data will provide insights into potential buffer overflow, race conditions, or other vulnerabilities.

Effective Debugging Techniques

Fuzz Testing and Debugging

Options Selected by Other Users:

Mark Question:

Start a Discussions

Submit Your Answer:

AAttach a remote profiler to the server application. Establish a random number of connections to the server application. Send fixed packets of data simultaneously using those connections.

BAttach a remote debugger to the server application. Establish a large number of connections to the server application. Send fixed packets of data simultaneously using those connections.

CAttach a local disassembler to the server application. Establish a single connection to the server application. Send fixed packets of data simultaneously using that connection.

DAttach a remote disassembler to the server application. Establish a small number of connections to the server application. Send fixed packets of data simultaneously using those connections.

0 / 1500

Master CompTIA PT0-002 Exam with Reliable Practice Questions

Options Selected by Other Users:

Options Selected by Other Users:

Options Selected by Other Users:

Options Selected by Other Users:

Options Selected by Other Users: