Comptia passcert pt0-002 Vce Exam Download by Warren q127 vce pdf

Page: 16 / 32

Exam Name:	CompTIA PenTest+ Certification Exam
Exam Code:	PT0-002 Dumps
Vendor:	CompTIA	Certification:	PenTest+
Questions:	445 Q&A's	Shared By:	warren

Question 64

A penetration tester discovered a code repository and noticed passwords were hashed before they were stored in the database with the following code? salt = ‘123’ hash = hashlib.pbkdf2_hmac(‘sha256’, plaintext, salt, 10000) The tester recommended the code be updated to the following salt = os.urandom(32) hash = hashlib.pbkdf2_hmac(‘sha256’, plaintext, salt, 10000) Which of the following steps should the penetration tester recommend?

Options:

Changing passwords that were created before this code update

Keeping hashes created by both methods for compatibility

Rehashing all old passwords with the new code

Replacing the SHA-256 algorithm to something more secure

Discussion

Question 65

A penetration tester has prepared the following phishing email for an upcoming penetration test:

Questions 65

Which of the following is the penetration tester using MOST to influence phishing targets to click on the link?

Options:

Familiarity and likeness

Authority and urgency

Scarcity and fear

Social proof and greed

Discussion

Yusra

I passed my exam. Cramkey Dumps provides detailed explanations for each question and answer, so you can understand the concepts better.

Alisha Aug 29, 2024

I recently used their dumps for the certification exam I took and I have to say, I was really impressed.

Carson

Yeah, definitely. I would definitely recommend Cramkey Dumps to anyone who is preparing for an exam.

Rufus Aug 20, 2024

Me too. They're a lifesaver!

Reeva

Wow what a success I achieved today. Thank you so much Cramkey for amazing Dumps. All students must try it.

Amari Sep 1, 2024

Wow, that's impressive. I'll definitely keep Cramkey in mind for my next exam.

Anya

I must say they're considered the best dumps available and the questions are very similar to what you'll see in the actual exam. Recommended!!!

Cassius Nov 2, 2024

Yes, they offer a 100% success guarantee. And many students who have used them have reported passing their exams with flying colors.

Question 66

A penetration tester is evaluating a company's network perimeter. The tester has received limited information about defensive controls or countermeasures, and limited internal knowledge of the testing exists. Which of the following should be the FIRST step to plan the reconnaissance activities?

Options:

Launch an external scan of netblocks.

Check WHOIS and netblock records for the company.

Use DNS lookups and dig to determine the external hosts.

Conduct a ping sweep of the company's netblocks.

Discussion

Question 67

A penetration tester is conducting an authorized, physical penetration test to attempt to enter a client's building during non-business hours. Which of the following are MOST important for the penetration tester to have during the test? (Choose two.)

Options:

A handheld RF spectrum analyzer

A mask and personal protective equipment

Caution tape for marking off insecure areas

A dedicated point of contact at the client

The paperwork documenting the engagement

Knowledge of the building's normal business hours