Valid COMPTIA PT0-001 Dumps PDF

Valid COMPTIA PT0-001 Dumps PDF - Exam4Lead.com

155 views

Embed
Email

From

Username or Email (please add comma after each username or email)

Name	Email

Back

Menu 3

Eaque ipsa quae ab illo inventore veritatis et quasi architecto beatae vitae dicta sunt explicabo.

Daisylaura175

Uploaded on Aug 12, 2020

Category Education

By preparing from PT0-001 Dumps you can easily ace your exam by the first attempt. So if you are searching for a useful helping material for PenTest+ then you must try PT0-001 Dumps PDF for your best results in the final. All the information that our experts thought useful has been included in this study material so that students can learn better the points that are related without getting confused among concepts. You can also try online testing engine at Exam4Lead to improve your knowledge through practice. You will know about your weak points and will deliver much focus over those points to make possible improvements. In case, you fail to pass your exam you will be returned your money back. As it is a service not only a business. If you have any query you can ask us at Exam4Lead.

Category Education

Comments

Valid COMPTIA PT0-001 Dumps PDF - Exam4Lead.com

Com ptia

PT0-0 01
CompTIA PenT est+ Exam
https://www.exam4lead.com/comptia/pt0-001-dumps.html

Question: 1

A security guard observes an individual entering the building after scanning a badge. The facility has
a strict badge-in and badge-out requirement with a turnstile. The security guard then audits the
badge system and finds two log entries for the badge in Question NO : within the last 30 minutes.
Which of the following has MOST likely occurred?

A. The badge was cloned.
B. The physical access control server is malfunctioning.
C. The system reached the crossover error rate.
D. The employee lost the badge.

Answer: A

Question: 2

A constant wants to scan all the TCP Pots on an identified device. Which of the following Nmap
switches will complete this task?

A. -p-
B. -p ALX,
C. -p 1-65534
D. -port 1-65534

Answer: C

Question: 3

A security consultant is trying to attack a device with a previously identified user account.

Which of the following types of attacks is being executed?

A. Credential dump attack
B. DLL injection attack
C. Reverse shell attack
D. Pass the hash attack

Answer: D

Question: 4

The following command is run on a Linux file system:
Chmod 4111 /usr/bin/sudo
Which of the following issues may be exploited now?

A. Kernel vulnerabilities
B. Sticky bits
C. Unquoted service path
D. Misconfigured sudo

Answer: B

Question: 5

DRAG DROP
A manager calls upon a tester to assist with diagnosing an issue within the following Python script:
#!/usr/bin/python
s = “Administrator”
The tester suspects it is an issue with string slicing and manipulation Analyze the following code
segment and drag and drop the correct output for each string manipulation to its corresponding code
segment Options may be used once or not at all

Answer:

Question: 6

During a penetration test, a tester runs a phishing campaign and receives a shell from an internal PC
running Windows 10 OS. The tester wants to perform credential harvesting with Mimikatz.
Which of the following registry changes would allow for credential caching in memory?

A. reg add HKLM\System\ControlSet002\Control\SecurityProviders\WDigest /v userLogoCredential
/t REG_DWORD /d 0
B. reg add HKCU\System\CurrentControlSet\Control\SecurityProviders\WDigest /v
userLogoCredential /t REG_DWORD /d 1
C. reg add HKLM\Software\CurrentControlSet\Control\SecurityProviders\WDigest /v
userLogoCredential /t REG_DWORD /d 1
D. reg add HKLM\System\CurrentControlSet\Control\SecurityProviders\WDigest /v
userLogoCredential /t REG_DWORD /d 1

Answer: A

Question: 7

In which of the following components is an exploited vulnerability MOST likely to affect multiple
running application containers at once?

A. Common libraries
B. Configuration files
C. Sandbox escape
D. ASLR bypass

Answer: A

Question: 8

Which of the following would be BEST for performing passive reconnaissance on a target's external
domain?

A. Peach
B. CeWL
C. OpenVAS
D. Shodan

Answer: D

Question: 8

If a security consultant comes across a password hash that resembles the following
b117 525b3454 7Oc29ca3dBaeOb556ba8
Which of the following formats is the correct hash type?

A. Kerberos
B. NetNTLMvl
C. NTLM
D. SHA-1

Answer: D

Question: 9

A penetration tester was able to retrieve the initial VPN user domain credentials by phishing a
member of the IT department. Afterward, the penetration tester obtained hashes over the VPN and
easily cracked them using a dictionary attack Which of the following remediation steps should be
recommended? (Select THREE)

A. Mandate all employees take security awareness training
B. Implement two-factor authentication for remote access
C. Install an intrusion prevention system

D. Increase password complexity requirements
E. Install a security information event monitoring solution.
F. Prevent members of the IT department from interactively logging in as administrators
G. Upgrade the cipher suite used for the VPN solution

Answer: ABD

Question: 10

A software development team recently migrated to new application software on the on-premises
environment Penetration test findings show that multiple vulnerabilities exist If a penetration tester
does not have access to a live or test environment, a test might be better to create the same
environment on the VM Which of the following is MOST important for confirmation?

A. Unsecure service and protocol configuration
B. Running SMB and SMTP service
C. Weak password complexity and user account
D. Misconfiguration

Answer: A

https://www.exam4lead.com/comptia/pt0-001-dumps.html