| Exam Name: | CompTIA PenTest+ Exam | ||
| Exam Code: | PT0-003 Dumps | ||
| Vendor: | CompTIA | Certification: | PenTest+ |
| Questions: | 336 Q&A's | Shared By: | reyan |
Which of the following is a term used to describe a situation in which a penetration tester bypasses physical access controls and gains access to a facility by entering at the same time as an employee?
During a security audit, a penetration tester wants to exploit a vulnerability in a common network protocol. The protocol allows encrypted communications to be intercepted and manipulated. Which of the following vulnerabilities should the tester exploit?
A penetration tester gains initial access to a system and gets ready to perform additional reconnaissance. The tester cannot use Nmap on the system they used to gain initial access. The tester develops the following script to scan a network range:
$port = 80
$network = "192.168.1"
$range = 1..254
$ErrorActionPreference = 'silentlycontinue'
$(Foreach ($r in $range)
{
    # Build the host address from the network prefix and the current host number
    $ip = "{0}.{1}" -F $network,$r
    Write-Progress "Scanning" $ip -PercentComplete (($r/$range.Count)*100)
    # Only try the TCP connection on hosts that answer a single ICMP echo
    If(Test-Connection -BufferSize 32 -Count 1 -quiet -ComputerName $ip)
    {
        $socket = new-object System.Net.Sockets.TcpClient($ip, $port)
        If($socket.Connected)
        {
            "$ip port $port is open"
            $socket.Close()
        }
        else { "$ip port $port is closed" }
    }
}) | Out-File C:\nefarious_location\portscan.csv
The tester wants to modify the current script so multiple ports can be scanned. The tester enters a comma-separated list of ports in the port variable. Which of the following should the tester do next to provide the intended outcome?
Which of the following will reduce the possibility of introducing errors or bias in a penetration test report?