Comptia passleader pdf Pt0-002 Study Guide by Maddox q127 vce pdf

Page: 19 / 34

Exam Name:	CompTIA PenTest+ Certification Exam
Exam Code:	PT0-002 Dumps
Vendor:	CompTIA	Certification:	PenTest+
Questions:	464 Q&A's	Shared By:	maddox

Question 76

A penetration tester has gained access to part of an internal network and wants to exploit on a different network segment. Using Scapy, the tester runs the following command:

Questions 76

Which of the following represents what the penetration tester is attempting to accomplish?

Options:

DNS cache poisoning

MAC spoofing

ARP poisoning

Double-tagging attack

Discussion

Question 77

A penetration tester ran the following commands on a Windows server:

Questions 77

Which of the following should the tester do AFTER delivering the final report?

Options:

Delete the scheduled batch job.

Close the reverse shell connection.

Downgrade the svsaccount permissions.

Remove the tester-created credentials.

Discussion

Question 78

A security company has been contracted to perform a scoped insider-threat assessment to try to gain access to the human resources server that houses PII and salary data. The penetration testers have been given an internal network starting position.

Which of the following actions, if performed, would be ethical within the scope of the assessment?

Options:

Exploiting a configuration weakness in the SQL database

Intercepting outbound TLS traffic

Gaining access to hosts by injecting malware into the enterprise-wide update server

Leveraging a vulnerability on the internal CA to issue fraudulent client certificates

Establishing and maintaining persistence on the domain controller

Discussion

Question 79

A penetration tester recently completed a review of the security of a core network device within a corporate environment. The key findings are as follows:

• The following request was intercepted going to the network device:

GET /login HTTP/1.1

Host: 10.50.100.16

User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0

Accept-Language: en-US,en;q=0.5

Connection: keep-alive

Authorization: Basic WU9VUilOQU1FOnNlY3JldHBhc3N3b3jk

• Network management interfaces are available on the production network.

• An Nmap scan returned the following:

Questions 79

Which of the following would be BEST to add to the recommendations section of the final report? (Choose two.)

Options:

Enforce enhanced password complexity requirements.

Disable or upgrade SSH daemon.

Disable HTTP/301 redirect configuration.

Create an out-of-band network for management.

Implement a better method for authentication.

Eliminate network management and control interfaces.

Discussion

Fatima

Hey I passed my exam. The world needs to know about it. I have never seen real exam questions on any other exam preparation resource like I saw on Cramkey Dumps.

Niamh Oct 15, 2024

That's true. Cramkey Dumps are simply the best when it comes to preparing for the certification exam. They have all the key information you need and the questions are very similar to what you'll see on the actual exam.

Annabel

I recently used them for my exam and I passed it with excellent score. I am impressed.

Amirah Oct 28, 2024

I passed too. The questions I saw in the actual exam were exactly the same as the ones in the Cramkey Dumps. I was able to answer the questions confidently because I had already seen and studied them.

Freddy

I passed my exam with flying colors and I'm confident who will try it surely ace the exam.

Aleksander Sep 26, 2024

Thanks for the recommendation! I'll check it out.

Reeva

Wow what a success I achieved today. Thank you so much Cramkey for amazing Dumps. All students must try it.

Amari Sep 1, 2024

Wow, that's impressive. I'll definitely keep Cramkey in mind for my next exam.

Page: 19 / 34

Title

Questions

Posted