Month End Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: get65

CompTIA Updated PT0-002 Exam Questions and Answers by mari

Page: 25 / 34

CompTIA PT0-002 Exam Overview :

Exam Name: CompTIA PenTest+ Certification Exam
Exam Code: PT0-002 Dumps
Vendor: CompTIA Certification: PenTest+
Questions: 464 Q&A's Shared By: mari
Question 100

A penetration tester developed the following script to be used during an engagement:

#!/usr/bin/python

import socket, sys

ports = [21, 22, 23, 25, 80, 139, 443, 445, 3306, 3389]

if len(sys.argv) > 1:

target = socket.gethostbyname (sys. argv [0])

else:

print ("Few arguments.")

print ("Syntax: python {} ". format (sys. argv [0]))

sys.exit ()

try:

for port in ports:

s = socket. socket (socket. AF_INET, socket. SOCK_STREAM)

s.settimeout (2)

result = s.connect_ex ((target, port) )

if result == 0:

print ("Port {} is opened". format (port) )

except KeyboardInterrupt:

print ("\nExiting ... ")

sys.exit ()

However, when the penetration tester ran the script, the tester received the following message:

socket.gaierror: [Errno -2] Name or service not known

Which of the following changes should the penetration tester implement to fix the script?

Options:

A.

From:

target = socket.gethostbyname (sys. argv [0])

To:

target = socket.gethostbyname (sys.argv[1])

B.

From:

s = socket. socket (socket. AF_INET, socket. SOCK_STREAM)

To:

s = socket.socket (socket.AF_INET, socket. SOCK_DGRAM)

C.

From:

import socket, sys

To:

import socket

import sys

D.

From:

result = s.connect_ex ((target, port) )

To:

result = s.connect ( (target, port) )

Discussion
Inaaya
Are these Dumps worth buying?
Fraser Oct 9, 2024
Yes, of course, they are necessary to pass the exam. They give you an insight into the types of questions that could come up and help you prepare effectively.
Inaya
Passed the exam. questions are valid. The customer support is top-notch. They were quick to respond to any questions I had and provided me with all the information I needed.
Cillian Oct 20, 2024
That's a big plus. I've used other dump providers in the past and the customer support was often lacking.
Everleigh
I must say that they are updated regularly to reflect the latest exam content, so you can be sure that you are getting the most accurate information. Plus, they are easy to use and understand, so even new students can benefit from them.
Huxley Aug 26, 2024
That's great to know. So, you think new students should buy these dumps?
Georgina
I used Cramkey Dumps to prepare for my recent exam and I have to say, they were a huge help.
Corey Oct 2, 2024
Really? How did they help you? I know these are the same questions appears in exam. I will give my try. But tell me if they also help in some training?
Cody
I used Cramkey Dumps to prepare and a lot of the questions on the exam were exactly what I found in their study materials.
Eric Sep 13, 2024
Really? That's great to hear! I used Cramkey Dumps too and I had the same experience. The questions were almost identical.
Question 101

A security analyst is conducting an unknown environment test from 192.168 3.3. The analyst wants to limit observation of the penetration tester's activities and lower the probability of detection by intrusion protection and detection systems. Which of the following Nmap commands should the analyst use to achieve This objective?

Options:

A.

Nmap –F 192.168.5.5

B.

Map –datalength 2.192.168.5.5

C.

Nmap –D 10.5.2.2.168.5.5

D.

Map –scanflags SYNFIN 192.168.5.5

Discussion
Question 102

During a code review assessment, a penetration tester finds the following vulnerable code inside one of the web application files:

<% String id = request.getParameter("id"); %>

Employee ID: <%= id %>

Which of the following is the best remediation to prevent a vulnerability from being exploited, based on this code?

Options:

A.

Parameterized queries

B.

Patch application

C.

Output encoding

Discussion
Question 103

A penetration tester is hired to test a client’s systems. The client's systems are hosted by the client at its headquarters. The production environment is hosted by a private cloud-hosting company. Which of the following would be the most important for the penetration tester to determine before beginning the test?

Options:

A.

Third-party asset restrictions

B.

Disallowed tests

C.

Physical locations of theinfrastructure

D.

Time-of-day restrictions

Discussion
Page: 25 / 34
Title
Questions
Posted

PT0-002
PDF

$36.75  $104.99

PT0-002 Testing Engine

$43.75  $124.99

PT0-002 PDF + Testing Engine

$57.75  $164.99