CompTIA PT0-002豪華セット学習ガイドにはオンライン試験エンジン [Q96-Q112]

Share

CompTIA PT0-002豪華セット学習ガイドにはオンライン試験エンジン

PT0-002問題集レビュー専門クイズ学習材料

質問 # 96
A Chief Information Security Officer wants to evaluate the security of the company's e-commerce application. Which of the following tools should a penetration tester use FIRST to obtain relevant information from the application without triggering alarms?

  • A. w3af
  • B. SQLmap
  • C. OWASP ZAP
  • D. DirBuster

正解:C


質問 # 97
A penetration tester is reviewing the following DNS reconnaissance results for comptia.org from dig:
comptia.org. 3569 IN MX comptia.org-mail.protection.outlook.com. comptia.org. 3569 IN A 3.219.13.186.
comptia.org.
3569 IN NS ns1.comptia.org. comptia.org. 3569 IN SOA haven. administrator.comptia.org. comptia.org. 3569 IN MX new.mx0.comptia.org. comptia.org. 3569 IN MX new.mx1.comptia.org.
Which of the following potential issues can the penetration tester identify based on this output?

  • A. At least one of the records is out of scope.
  • B. The NS record is not within the appropriate domain.
  • C. There is a duplicate MX record.
  • D. The SOA records outside the comptia.org domain.

正解:A


質問 # 98
A penetration tester is reviewing the following SOW prior to engaging with a client:
"Network diagrams, logical and physical asset inventory, and employees' names are to be treated as client confidential. Upon completion of the engagement, the penetration tester will submit findings to the client's Chief Information Security Officer (CISO) via encrypted protocols and subsequently dispose of all findings by erasing them in a secure manner." Based on the information in the SOW, which of the following behaviors would be considered unethical? (Choose two.)

  • A. Seeking help with the engagement in underground hacker forums by sharing the client's public IP address
  • B. Utilizing public-key cryptography to ensure findings are delivered to the CISO upon completion of the engagement
  • C. Utilizing proprietary penetration-testing tools that are not available to the public or to the client for auditing and inspection
  • D. Using a software-based erase tool to wipe the client's findings from the penetration tester's laptop
  • E. Retaining the SOW within the penetration tester's company for future use so the sales team can plan future engagements
  • F. Failing to share with the client critical vulnerabilities that exist within the client architecture to appease the client's senior leadership team

正解:D、F


質問 # 99
After gaining access to a Linux system with a non-privileged account, a penetration tester identifies the following file:

Which of the following actions should the tester perform FIRST?

  • A. Change the file permissions.
  • B. Cover tracks.
  • C. Start a reverse shell.
  • D. Use privilege escalation.

正解:D


質問 # 100
A tester who is performing a penetration test on a website receives the following output:
Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in /var/www/search.php on line 62 Which of the following commands can be used to further attack the website?

  • A. 1 UNION SELECT 1, DATABASE(),3--
  • B. ../../../../../../../../../../etc/passwd
  • C. /var/www/html/index.php;whoami
  • D. <script>var adr= '../evil.php?test=' + escape(document.cookie);</script>

正解:A


質問 # 101
During a penetration test, a tester is able to change values in the URL from example.com/login.php?id=5 to example.com/login.php?id=10 and gain access to a web application. Which of the following vulnerabilities has the penetration tester exploited?

  • A. Broken authentication
  • B. Cross-site scripting
  • C. Command injection
  • D. Direct object reference

正解:D

解説:
Insecure direct object reference (IDOR) is a vulnerability where the developer of the application does not implement authorization features to verify that someone accessing data on the site is allowed to access that data.


質問 # 102
A penetration tester is conducting a penetration test and discovers a vulnerability on a web server that is owned by the client. Exploiting the vulnerability allows the tester to open a reverse shell. Enumerating the server for privilege escalation, the tester discovers the following:

Which of the following should the penetration tester do NEXT?

  • A. Investigate the high numbered port connections.
  • B. Close the reverse shell the tester is using.
  • C. Contact the client immediately.
  • D. Note this finding for inclusion in the final report.

正解:C


質問 # 103
A red team gained access to the internal network of a client during an engagement and used the Responder tool to capture important dat
a. Which of the following was captured by the testing team?

  • A. Encrypted file transfers
  • B. IP addresses
  • C. Multiple handshakes
  • D. User hashes sent over SMB

正解:B


質問 # 104
The following output is from reconnaissance on a public-facing banking website:

Based on these results, which of the following attacks is MOST likely to succeed?

  • A. An attack that breaks RC4 encryption
  • B. A Heartbleed attack
  • C. An attack on a session ticket extension (Ticketbleed)
  • D. A birthday attack on 64-bit ciphers (Sweet32)

正解:A


質問 # 105
A company recruited a penetration tester to configure wireless IDS over the network. Which of the following tools would BEST test the effectiveness of the wireless IDS solutions?

  • A. Kismet
  • B. Wireshark
  • C. Aircrack-ng
  • D. Wifite

正解:C


質問 # 106
Performing a penetration test against an environment with SCADA devices brings additional safety risk because the:

  • A. protocols are more difficult to understand.
  • B. devices produce more heat and consume more power.
  • C. devices may cause physical world effects.
  • D. devices are obsolete and are no longer available for replacement.

正解:C

解説:
Explanation
"A significant issue identified by Wiberg is that using active network scanners, such as Nmap, presents a weakness when attempting port recognition or service detection on SCADA devices. Wiberg states that active tools such as Nmap can use unusual TCP segment data to try and find available ports. Furthermore, they can open a massive amount of connections with a specific SCADA device but then fail to close them gracefully." And since SCADA and ICS devices are designed and implemented with little attention having been paid to the operational security of these devices and their ability to handle errors or unexpected events, the presence idle open connections may result into errors that cannot be handled by the devices.


質問 # 107
A penetration tester wants to find hidden information in documents available on the web at a particular domain. Which of the following should the penetration tester use?

  • A. CentralOps
  • B. FOCA
  • C. Netcraft
  • D. Responder

正解:B

解説:
Explanation
https://kalilinuxtutorials.com/foca-metadata-hidden-documents/


質問 # 108
A company that requires minimal disruption to its daily activities needs a penetration tester to perform information gathering around the company's web presence. Which of the following would the tester find MOST helpful in the initial information-gathering steps? (Choose two.)

  • A. Zone transfers
  • B. Externally facing open ports
  • C. IP addresses and subdomains
  • D. Shodan results
  • E. Internet search engines
  • F. DNS forward and reverse lookups

正解:A、C


質問 # 109
A security professional wants to test an IoT device by sending an invalid packet to a proprietary service listening on TCP port 3011. Which of the following would allow the security professional to easily and programmatically manipulate the TCP header length and checksum using arbitrary numbers and to observe how the proprietary service responds?

  • A. hping3
  • B. Scapy
  • C. Nmap
  • D. tcpdump

正解:B

解説:
Explanation
https://0xbharath.github.io/art-of-packet-crafting-with-scapy/scapy/creating_packets/index.html
https://scapy.readthedocs.io/en/latest/introduction.html#about-scapy


質問 # 110
A customer adds a requirement to the scope of a penetration test that states activities can only occur during normal business hours. Which of the following BEST describes why this would be necessary?

  • A. To ensure someone is available if something goes wrong
  • B. For testing of the customer's SLA with the ISP
  • C. To meet PCI DSS testing requirements
  • D. Because of concerns regarding bandwidth limitations

正解:A


質問 # 111
A company is concerned that its cloud VM is vulnerable to a cyberattack and proprietary data may be stolen. A penetration tester determines a vulnerability does exist and exploits the vulnerability by adding a fake VM instance to the IaaS component of the client's VM. Which of the following cloud attacks did the penetration tester MOST likely implement?

  • A. Direct-to-origin
  • B. Credential harvesting
  • C. Cross-site scripting
  • D. Malware injection

正解:A


質問 # 112
......

試験問題解答ブレーン問題集でPT0-002試験問題集PDF問題:https://jp.fast2test.com/PT0-002-premium-file.html

PT0-002テスト準備トレーニング練習試験問題練習テスト:https://drive.google.com/open?id=14kCDLf2HnqUlEI-cUnzYi75jcGG7lxaK


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어