CompTIA PT0-001 Exam Questions and Answers 2021

NEW QUESTION 1
A penetration tester is performing a remote scan to determine if the server farm is compliant with the company's software baseline . Which of the following should the penetration tester perform to verify compliance with the baseline?

• A. Discovery scan
• B. Stealth scan
• C. Full scan
• D. Credentialed scan

Answer: A

NEW QUESTION 2
DRAG DROP
Performance based
You are a penetration Inter reviewing a client's website through a web browser. Instructions:
Review all components of the website through the browser to determine if vulnerabilities are present. Remediate ONLY the highest vulnerability from either the certificate source or cookies.

Answer:

Explanation:

NEW QUESTION 3
Which of the following would be BEST for performing passive reconnaissance on a target's external domain?

• A. Peach
• B. CeWL
• C. OpenVAS
• D. Shodan

Answer: A

NEW QUESTION 4
Which of the following has a direct and significant impact on the budget of the security assessment?

• A. Scoping
• B. Scheduling
• C. Compliance requirement
• D. Target risk

Answer: A

NEW QUESTION 5
In which of the following components is an explogted vulnerability MOST likely to affect multiple running application containers at once?

• A. Common libraries
• B. Configuration files
• C. Sandbox escape
• D. ASLR bypass

Answer: D

NEW QUESTION 6
A penetration tester is preparing to conduct API testing Which of the following would be MOST helpful in preparing for this engagement?

• A. NiktO
• B. WAR
• C. W3AF
• D. Swagger

Answer: A

NEW QUESTION 7
Which of the following BEST explains why it is important to maintain confidentiality of any identified findings when performing a penetration test?

• A. Penetration test findings often contain company intellectual property
• B. Penetration test findings could lead to consumer dissatisfaction if made pubic
• C. Penetration test findings are legal documents containing privileged information
• D. Penetration test findings can assist an attacker in compromising a system

Answer: C

NEW QUESTION 8
HOTSPOT
You are a security analyst tasked with hardening a web server.
You have been given a list of HTTP payloads that were flagged as malicious.

Answer:

NEW QUESTION 9
An assessor begins an internal security test of the Windows domain internal. comptia. net. The assessor is given network access via DHCP, but is not given any network maps or target IP addresses. Which of the following commands can the assessor use to find any likely Windows domain controllers?

• A. Option A
• B. Option B
• C. Option C
• D. Option D

Answer: A

NEW QUESTION 10
Click the exhibit button.

A penetration tester is performing an assessment when the network administrator shows the tester a packet sample that is causing trouble on the network Which of the following types of attacks should the tester stop?

• A. SNMP brute forcing
• B. ARP spoofing
• C. DNS cache poisoning
• D. SMTP relay

Answer: B

NEW QUESTION 11
A client asks a penetration tester to add more addresses to a test currently in progress. Which of the following would defined the target list?

• A. Rules of engagement
• B. Master services agreement
• C. Statement of work
• D. End-user license agreement

Answer: D

NEW QUESTION 12
While engaging clients for a penetration test from highly regulated industries, which of the following is usually the MOST important to the clients from a business perspective?

• A. Letter of engagement and attestation of findings
• B. NDA and MSA
• C. SOW and final report
• D. Risk summary and executive summary

Answer: D

NEW QUESTION 13
A penetration tester runs the following from a compromised box 'python -c -import pty;Pty.sPawn( "/bin/bash").' Which of the following actions is the tester taking?

• A. Removing the Bash history
• B. Upgrading the shell
• C. Creating a sandbox
• D. Capturing credentials

Answer: A

NEW QUESTION 14
A penetration tester was able to retrieve the initial VPN user domain credentials by phishing a member of the IT department. Afterward, the penetration tester obtained hashes over the VPN and easily cracked them using a dictionary attack Which of the following remediation steps should be recommended? (Select THREE)

• A. Mandate all employees take security awareness training
• B. Implement two-factor authentication for remote access
• C. Install an intrusion prevention system
• D. Increase password complexity requirements
• E. Install a security information event monitoring solution.
• F. Prevent members of the IT department from interactively logging in as administrators
• G. Upgrade the cipher suite used for the VPN solution

Answer: BDG

NEW QUESTION 15
After performing a security assessment for a firm, the client was found to have been billed for the time the client's test environment was unavailable The Client claims to have been billed unfairly. Which of the following documents would MOST likely be able to provide guidance in such a situation?

• A. SOW
• B. NDA
• C. EULA
• D. BRA

Answer: D

NEW QUESTION 16
During an internal penetration test, several multicast and broadcast name resolution requests are observed traversing the network. Which of the following tools could be used to impersonate network resources and collect authentication requests?

• A. Ettercap
• B. Tcpdump
• C. Responder
• D. Medusa

Answer: D