PT0_002 questions • Exam prepare

Exam contains 466 questions

Page 18 of 78

Question 103 🔥

A consultant is reviewing the following output after reports of intermittent connectivity issues:Which of the following is MOST likely to be reported by the consultant?

Which database solution meets these requirements?

A. A device on the network has an IP address in the wrong subnet.

B. A multicast session was initiated using the wrong multicast group.

C. An ARP flooding attack is using the broadcast address to perform DDoS.

D. A device on the network has poisoned the ARP cache.

Highly voted

Discussion of the question

Question 104 🔥

Which of the following web-application security risks are part of the OWASP Top 10 v2017? (Choose two.)

Which database solution meets these requirements?

Discussion of the question

Question 105 🔥

The results of an Nmap scan are as follows:Which of the following would be the BEST conclusion about this device?

Which database solution meets these requirements?

A. This device may be vulnerable to the Heartbleed bug due to the way transactions over TCP/22 handle heartbeat extension packets, allowing attackers to obtain sensitive information from process memory.

B. This device is most likely a gateway with in-band management services.

Highly voted

C. This device is most likely a proxy server forwarding requests over TCP/443.

D. This device may be vulnerable to remote code execution because of a buffer overflow vulnerability in the method used to extract DNS names from packets prior to DNSSEC validation.

Discussion of the question

Question 106 🔥

When preparing for an engagement with an enterprise organization, which of the following is one of the MOST important items to develop fully prior to beginning the penetration testing activities?

Which database solution meets these requirements?

A. Clarify the statement of work

Highly voted

B. Obtain an asset inventory from the client

C. Interview all stakeholders

D. Identify all third parties involved.

Discussion of the question

Question 107 🔥

A penetration tester is reviewing the following SOW prior to engaging with a client.`Network diagrams, logical and physical asset inventory, and employees' names are to be treated as client confidential. Upon completion of the engagement, the penetration tester will submit findings to the client's Chief Information Security Officer (CISO) via encrypted protocols and subsequently dispose of all findings by erasing them in a secure manner.`Based on the information in the SOW, which of the following behaviors would be considered unethical? (Choose two.)

Which database solution meets these requirements?

A. Utilizing proprietary penetration-testing tools that are not available to the public or to the client for auditing and inspection

B. Utilizing public-key cryptography to ensure findings are delivered to the CISO upon completion of the engagement.

C. Failing to share with the client critical vulnerabilities that exist within the client architecture to appease the client's senior leadership team.

Highly voted

D. Seeking help with the engagement in underground hacker forums by sharing the client's public IP address

Highly voted

E. Using a software-based erase tool to wipe the client's findings from the penetration tester's laptop.

F. Retaining the SOW within the penetration tester's company for future use so the sales team can plan future engagements

Discussion of the question

Question 108 🔥

Which of the following commands will allow a penetration tester to permit a shell script to be executed by the file owner?

Which database solution meets these requirements?

A. chmod u+x script.sh

Highly voted

B. chmod u+e script.sh

C. chmod o+e script.sh

D. chmod o+x script.sh

Discussion of the question

Ready to Pass Your Certification Test

comptia PT0_002

Exam contains 466 questions

Lorem ipsum dolor sit amet consectetur. Eget sed turpis aenean sit aenean. Integer at nam ullamcorper a.

Company

Product

Resources

Follow us