PT0-002 exam

A penetration tester is contracted to attack an oil rig network to look for vulnerabilities. While conducting the assessment, the support organization of the rig reported issues connecting to corporate applications and upstream services for data acquisitions. Which of the following is the MOST likely culprit?A . Patch installationsB ....

A penetration tester was brute forcing an internal web server and ran a command that produced the following output: However, when the penetration tester tried to browse the URL http://172.16.100.10:3000/profile, a blank page was displayed. Which of the following is the MOST likely reason for the lack of output?A ....

A penetration tester recently performed a social-engineering attack in which the tester found an employee of the target company at a local coffee shop and over time built a relationship with the employee. On the employee’s birthday, the tester gave the employee an external hard drive as a gift. Which...

A penetration tester writes the following script: Which of the following is the tester performing?A . Searching for service vulnerabilitiesB . Trying to recover a lost bind shellC . Building a reverse shell listening on specified portsD . Scanning a network for specific open portsView AnswerAnswer: D Explanation: -z zero-I/O...

A red-team tester has been contracted to emulate the threat posed by a malicious insider on a company’s network, with the constrained objective of gaining access to sensitive personnel files. During the assessment, the red-team tester identifies an artifact indicating possible prior compromise within the target environment. Which of the...

A penetration tester wants to identify CVEs that can be leveraged to gain execution on a Linux server that has an SSHD running. Which of the following would BEST support this task?A . Run nmap with the Co, -p22, and CsC options set against the targetB . Run nmap with...

A penetration tester needs to upload the results of a port scan to a centralized security tool. Which of the following commands would allow the tester to save the results in an interchangeable format?A . nmap -iL results 192.168.0.10-100B . nmap 192.168.0.10-100 -O > resultsC . nmap -A 192.168.0.10-100 -oX...

A penetration tester ran the following commands on a Windows server: Which of the following should the tester do AFTER delivering the final report?A . Delete the scheduled batch job.B . Close the reverse shell connection.C . Downgrade the svsaccount permissions.D . Remove the tester-created credentials.View AnswerAnswer: D

A client wants a security assessment company to perform a penetration test against its hot site. The purpose of the test is to determine the effectiveness of the defenses that protect against disruptions to business continuity. Which of the following is the MOST important action to take before starting this...

A penetration tester successfully performed an exploit on a host and was able to hop from VLAN 100 to VLAN 200. VLAN 200 contains servers that perform financial transactions, and the penetration tester now wants the local interface of the attacker machine to have a static ARP entry in the...