PT0-001無料問題集「CompTIA PenTest+ Certification」

質問 1

Joe, a penetration tester, has received basic account credentials and logged into a Windows system. To escalate his privilege, from which of the following places is he using Mimikatz to pull credentials?

（A）SAM database

（B）Registry

（C）LSASS

（D）Active Directory

正解：D 解答を投票する

質問 2

A penetration tester is outside of an organization's network and is attempting to redirect users to a fake password reset website hosted on the penetration tester's box. Which of the following techniques is suitable to attempt this?

（A）Perform ARP spoofing.

（B）Employ NBNS poisoning.

（C）Use an SSL downgrade attack.

（D）Conduct a phishing campaign.

正解：D 解答を投票する

質問 3

A penetration tester is assessing the security of a web form for a client and enters ";id" in one of the fields.
The penetration tester observes the following response:

Based on the response, which of the following vulnerabilities exists?

（A）XSS/XSRF

（B）Command injection

（C）SQL injection

（D）Session hijacking

正解：B 解答を投票する

質問 4

A penetration tester has performed a security assessment for a startup firm. The report lists a total of ten vulnerabilities, with five identified as critical. The client does not have the resources to immediately remediate all vulnerabilities. Under such circumstances, which of the following would be the BEST suggestion for the client?

（A）Apply easy compensating controls for critical vulnerabilities to minimize the risk, and then reprioritize remediation.

（B）Implement the least impactful of the critical vulnerabilities' remediations first, and then address other critical vulnerabilities

（C）Identify the issues that can be remediated most quickly and address them first.

（D）Fix the most critical vulnerability first, even if it means fixing the other vulnerabilities may take a very long lime.

正解：D 解答を投票する

質問 5

A company's corporate policies state that employees are able to scan any global network as long as it is done within working hours. Government laws prohibit unauthorized scanning. Which of the following should an employee abide by?

（A）Industry standards receding scanning should be followed

（B）The employee must obtain written approval from the company's Chief Information Security Officer (ClSO) prior to scanning

（C）Company policies must be followed in this situation

（D）Laws supersede corporate policies

正解：B 解答を投票する

質問 6

A penetration tester is preparing for an assessment of a web server's security, which is used to host several sensitive web applications. The web server is PKI protected, and the penetration tester reviews the certificate presented by the server during the SSL handshake. Which of the following certificate fields or extensions would be of MOST use to the penetration tester during an assessment?

（A）Subject alternative name

（B）Subject key identifier

（C）Authority information access

（D）Service principal name

正解：C 解答を投票する

質問 7

A penetration tester identifies prebuilt exploit code containing Windows imports for VirtualAllocEx and LoadLibraryA functions. Which of the following techniques is the exploit code using?

（A）DLL injection

（B）DLL sideloading

（C）DLL function hooking

（D）DLL hijacking

正解：D 解答を投票する

質問 8

A security consultant is trying to attack a device with a previously identified user account.

Which of the following types of attacks is being executed?

（A）Pass the hash attack

（B）Reverse shell attack

（C）Credential dump attack

（D）DLL injection attack

正解：A 解答を投票する

質問 9

A penetration tester found a network with NAC enabled Which of the following commands can be used to bypass the NAC?

（A）sslbump

（B）macchanger

（C）iptafcles

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 10

During the exploitation phase of a web application, a penetration tester finds XML files are being used to handle parameters that are sent for the server. Which of the following vulnerabilities can be exploited to try to access internal files of the affected web server using a web proxy?

（A）XSS

（B）CSRF

（C）SQL injection

（D）XXE

正解：C 解答を投票する

質問 11

A penetration tester is designing a phishing campaign and wants to build list of users (or the target organization. Which of the following techniques would be the MOST appropriate? (Select TWO)

（A）Socially engineer the corporate call center.

（B）Search posted job listings.

（C）Scrape the company website.

（D）Query an Internet WHOIS database.

（E）Harvest users from social networking sites.

正解：C、E 解答を投票する

質問 12

You are a penetration tester running port scans on a server.
INSTRUCTIONS
Part1: Given the output, construct the command that was used to generate this output from the available options.
Part2: Once the command is appropriately constructed, use the given output to identify the potential attack vectors that should be investigated further.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
Part1

Part2

正解：

Part 1 - nmap 192.168.2.2 -sV -O
Part 2 - Weak SMB file permissions

質問 13

A client has scheduled a wireless penetration test. Which of the following describes the scoping target information MOST likely needed before testing can begin?

（A）The number of wireless devices owned by the client

（B）The physical location and network ESSIDs to be tested

（C）The client's preferred wireless access point vendor

（D）The bands and frequencies used by the client's devices

正解：D 解答を投票する

質問 14

A file contains several hashes. Which of the following can be used in a pass-the-hash attack?

（A）LMv2

（B）NTLM

（C）NTLMv2

（D）NTLMv1

（E）Kerberos

正解：E 解答を投票する

質問 15

An attacker receives a DHCP address and notices the hostname was populated in the corporate DNS server. Which of the following BEST describes how the attacker can use this information?

（A）WPAD attack

（B）DCSync operation

（C）Setting custom SRV records

（D）VLAN hopping

正解：A 解答を投票する

質問 16

At the information gathering stage, a penetration tester is trying to passively identify the technology running on a client's website. Which of the following approached should the penetration tester take?

（A）Use web aggregators such as BuiltWith and Netcraft

（B）Run a web scraper and pull the website's content.

（C）Use Nmap to fingerprint the website's technology.

（D）Run a spider scan in Burp Suite.

正解：D 解答を投票する

質問 17

A penetration tester wants to launch a graphic console window from a remotely compromised host with IP 10.0.0.20 and display the terminal on the local computer with IP 192.168.1.10. Which of the following would accomplish this task?

（A）From the local computer, run the following command
Nc -1 -p 6000
Then, from the remote computer, run the following command
Xterm | nc 192.168.1.10 6000

（B）From the local computer, run the following command
ssh -L4444 : 127.0.01:6000 -% [email protected] xterm

（C）From the local computer, run the following command
ssh -r6000 : 127.0.01:4444 -p 6000 [email protected] "xhost+; xterm"

（D）From the remote computer, run the following commands:
Export IHOST 192.168.1.10:0.0
xhost+
Terminal

正解：D 解答を投票する

PT0-001 無料問題集「CompTIA PenTest+ Certification」

弊社を連絡する

関連リンク

トップ試験