次の認定試験に速く合格する!

簡単に認定試験を準備し、学び、そして合格するためにすべてが必要だ。

会員センター  カート (0)

PT0-002 無料問題集「CompTIA PenTest+ Certification」

ページ: 1 / 25
トータル 460 問
完全版を入手する
A penetration tester is conducting an on-path link layer attack in order to take control of a key fob that controls an electric vehicle. Which of the following wireless attacks would allow a penetration tester to achieve a successful attack?

解説: (JPNTest メンバーにのみ表示されます)
Which of the following would assist a penetration tester the MOST when evaluating the susceptibility of top-level executives to social engineering attacks?

解説: (JPNTest メンバーにのみ表示されます)
A penetration tester is performing a vulnerability scan on a large ATM network. One of the organization's requirements is that the scan does not affect legitimate clients' usage of the ATMs. Which of the following should the tester do to best meet the company's vulnerability scan requirements?

A penetration tester utilized Nmap to scan host 64.13.134.52 and received the following results:

Based on the output, which of the following services are MOST likely to be exploited? (Choose two.)

正解:B、C 解答を投票する
Which of the following situations would require a penetration tester to notify the emergency contact for the engagement?

The following PowerShell snippet was extracted from a log of an attacker machine:

A penetration tester would like to identify the presence of an array. Which of the following line numbers would define the array?

解説: (JPNTest メンバーにのみ表示されます)
A penetration tester finds a PHP script used by a web application in an unprotected internal source code repository. After reviewing the code, the tester identifies the following:

Which of the following tools will help the tester prepare an attack for this scenario?

解説: (JPNTest メンバーにのみ表示されます)
A penetration tester managed to exploit a vulnerability using the following payload:
IF (1=1) WAIT FOR DELAY '0:0:15'
Which of the following actions would best mitigate this type ol attack?

解説: (JPNTest メンバーにのみ表示されます)
A penetration tester discovers passwords in a publicly available data breach during the reconnaissance phase of the penetration test.
Which of the following is the best action for the tester to take?

解説: (JPNTest メンバーにのみ表示されます)
During the scoping phase of an assessment, a client requested that any remote code exploits discovered during testing would be reported immediately so the vulnerability could be fixed as soon as possible. The penetration tester did not agree with this request, and after testing began, the tester discovered a vulnerability and gained internal access to the system. Additionally, this scenario led to a loss of confidential credit card data and a hole in the system. At the end of the test, the penetration tester willfully failed to report this information and left the vulnerability in place. A few months later, the client was breached and credit card data was stolen. After being notified about the breach, which of the following steps should the company take NEXT?

解説: (JPNTest メンバーにのみ表示されます)
Which of the following is a rules engine for managing public cloud accounts and resources?

解説: (JPNTest メンバーにのみ表示されます)
A penetration tester is performing an assessment of an application that allows users to upload documents to a cloud-based file server for easy access anywhere in the world. Which of the following would most likely allow a tester to access unintentionally exposed documents?

解説: (JPNTest メンバーにのみ表示されます)
Which of the following factors would a penetration tester most likely consider when testing at a location?

解説: (JPNTest メンバーにのみ表示されます)
Penetration tester is developing exploits to attack multiple versions of a common software package. The versions have different menus and )ut.. they have a common log-in screen that the exploit must use. The penetration tester develops code to perform the log-in that can be each of the exploits targeted to a specific version. Which of the following terms is used to describe this common log-in code example?

解説: (JPNTest メンバーにのみ表示されます)
A penetration testing firm performs an assessment every six months for the same customer. While performing network scanning for the latest assessment, the penetration tester observes that several of the target hosts appear to be residential connections associated with a major television and ISP in the are
a. Which of the following is the most likely reason for the observation?

解説: (JPNTest メンバーにのみ表示されます)
A security consultant wants to perform a vulnerability assessment with an application that can effortlessly generate an easy-to-read report. Which of the following should the attacker use?

解説: (JPNTest メンバーにのみ表示されます)
During a vulnerability management process that lasted several months, a security analyst found the number of vulnerabilities in a production web application consistently grew. Which of the following should the analyst do to best remediate this situation?

A potential reason for communicating with the client point of contact during a penetration test is to provide resolution if a testing component crashes a system or service and leaves them unavailable for both legitimate users and further testing. Which of the following best describes this concept?

解説: (JPNTest メンバーにのみ表示されます)
Which of the following tools can a penetration tester use to brute force a user password over SSH using multiple threads?

解説: (JPNTest メンバーにのみ表示されます)
ページ: 1 / 25
トータル 460 問

弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

オンラインサポート時間:( UTC+9 ) 9:00-24:00
月曜日から土曜日まで

サポート:現在連絡 

関連リンク

トップ試験