次の認定試験に速く合格する!

簡単に認定試験を準備し、学び、そして合格するためにすべてが必要だ。

会員センター  カート (0)

PT0-002 無料問題集「CompTIA PenTest+ Certification」

ページ: 1 / 22
トータル 400 問
完全版を入手する
A penetration tester writes the following script:

Which of the following objectives is the tester attempting to achieve?

解説: (JPNTest メンバーにのみ表示されます)
During an assessment, a penetration tester emailed the following Python script to CompTIA's employees:
import pyHook, sys, logging, pythoncom, datetime
log_file='C:\\Windows\\Temp\\log_comptia.txt' def KbrdEvent(event):
logging.basicConfig(filename=log_file,level=logging.DEBUG, format='%(messages)s') chr(event.Ascii) logging.log(10, chr(event.Ascii)) return True hooks_manager = pyHook.HookManager() hooks_manager.KeyDown = KbrdEvent hooks_manager.HookKeyboard() pythoncom.PumpMessages() Which of the following is the intended effect of this script?

解説: (JPNTest メンバーにのみ表示されます)
A penetration tester is conducting an Nmap scan and wants to scan for ports without establishing a connection. The tester also wants to find version data information for services running on Projects. Which of the following Nmap commands should the tester use?

解説: (JPNTest メンバーにのみ表示されます)
A penetration tester ran the following commands on a Windows server:

Which of the following should the tester do AFTER delivering the final report?

A penetration tester wants to validate the effectiveness of a DLP product by attempting exfiltration of data using email attachments. Which of the following techniques should the tester select to accomplish this task?

解説: (JPNTest メンバーにのみ表示されます)
A penetration tester opened a reverse shell on a Linux web server and successfully escalated privileges to root. During the engagement, the tester noticed that another user logged in frequently as root to perform work tasks. To avoid disrupting this user's work, which of the following is the BEST option for the penetration tester to maintain root-level persistence on this server during the test?

解説: (JPNTest メンバーにのみ表示されます)
A penetration tester was able to gain access successfully to a Windows workstation on a mobile client's laptop. Which of the following can be used to ensure the tester is able to maintain access to the system?

A Chief Information Security Officer wants a penetration tester to evaluate whether a recently installed firewall is protecting a subnetwork on which many decades- old legacy systems are connected. The penetration tester decides to run an OS discovery and a full port scan to identify all the systems and any potential vulnerability. Which of the following should the penetration tester consider BEFORE running a scan?

A penetration tester was hired to perform a physical security assessment of an organization's office. After monitoring the environment for a few hours, the penetration tester notices that some employees go to lunch in a restaurant nearby and leave their belongings unattended on the table while getting food. Which of the following techniques would MOST likely be used to get legitimate access into the organization's building without raising too many alerts?

A penetration tester is conducting a penetration test and discovers a vulnerability on a web server that is owned by the client. Exploiting the vulnerability allows the tester to open a reverse shell. Enumerating the server for privilege escalation, the tester discovers the following:

Which of the following should the penetration tester do NEXT?

解説: (JPNTest メンバーにのみ表示されます)
Given the following script:

Which of the following BEST characterizes the function performed by lines 5 and 6?

解説: (JPNTest メンバーにのみ表示されます)
In an unprotected network file repository, a penetration tester discovers a text file containing usernames and passwords in cleartext and a spreadsheet containing data for 50 employees, including full names, roles, and serial numbers. The tester realizes some of the passwords in the text file follow the format: <name- serial_number>. Which of the following would be the best action for the tester to take NEXT with this information?

Which of the following documents must be signed between the penetration tester and the client to govern how any provided information is managed before, during, and after the engagement?

You are a penetration tester reviewing a client's website through a web browser.
INSTRUCTIONS
Review all components of the website through the browser to determine if vulnerabilities are present.
Remediate ONLY the highest vulnerability from either the certificate, source, or cookies.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.






正解:
Which of the following tools provides Python classes for interacting with network protocols?

解説: (JPNTest メンバーにのみ表示されます)
A penetration tester is conducting a test after hours and notices a critical system was taken down. Which of the following contacts should be notified first?

解説: (JPNTest メンバーにのみ表示されます)
A client wants a security assessment company to perform a penetration test against its hot site. The purpose of the test is to determine the effectiveness of the defenses that protect against disruptions to business continuity. Which of the following is the MOST important action to take before starting this type of assessment?

解説: (JPNTest メンバーにのみ表示されます)
A consulting company is completing the ROE during scoping.
Which of the following should be included in the ROE?

A penetration tester logs in as a user in the cloud environment of a company. Which of the following Pacu modules will enable the tester to determine the level of access of the existing user?

解説: (JPNTest メンバーにのみ表示されます)
ページ: 1 / 22
トータル 400 問

弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

オンラインサポート時間:( UTC+9 ) 9:00-24:00
月曜日から土曜日まで

サポート:現在連絡 

関連リンク

トップ試験