PT0-002 無料問題集「CompTIA PenTest+ Certification」

Which of the following is a ROE component that provides a penetration tester with guidance on who and how to contact the necessary individuals in the event of a disaster during an engagement?

解説: (JPNTest メンバーにのみ表示されます)
Which of the following would be the most efficient way to write a Python script that interacts with a web application?

解説: (JPNTest メンバーにのみ表示されます)
Which of the following are the MOST important items to include in the final report for a penetration test?
(Choose two.)

正解:A、C 解答を投票する
A penetration tester is testing a new version of a mobile application in a sandbox environment. To intercept and decrypt the traffic between the application and the external API, the tester has created a private root CA and issued a certificate from it. Even though the tester installed the root CA into the trusted stone of the smartphone used for the tests, the application shows an error indicating a certificate mismatch and does not connect to the server. Which of the following is the MOST likely reason for the error?

解説: (JPNTest メンバーにのみ表示されます)
Which of the following tools should a penetration tester use to crawl a website and build a wordlist using the data recovered to crack the password on the website?

解説: (JPNTest メンバーにのみ表示されます)
A penetration tester has established an on-path position between a target host and local network services but has not been able to establish an on-path position between the target host and the Internet. Regardless, the tester would like to subtly redirect HTTP connections to a spoofed server IP. Which of the following methods would BEST support the objective?

A penetration tester was able to compromise a server and escalate privileges. Which of the following should the tester perform AFTER concluding the activities on the specified target? (Choose two.)

正解:A、E 解答を投票する
Which of the following components should a penetration tester most likely include in a report at the end of an assessment?

解説: (JPNTest メンバーにのみ表示されます)
Which of the following assessment methods is the most likely to cause harm to an ICS environment?

解説: (JPNTest メンバーにのみ表示されます)
A penetration tester downloaded the following Perl script that can be used to identify vulnerabilities in network switches. However, the script is not working properly.
Which of the following changes should the tester apply to make the script work as intended?

解説: (JPNTest メンバーにのみ表示されます)
A penetration tester runs a scan against a server and obtains the following output:
21/tcp open ftp Microsoft ftpd
| ftp-anon: Anonymous FTP login allowed (FTP code 230)
| 03-12-20 09:23AM 331 index.aspx
| ftp-syst:
135/tcp open msrpc Microsoft Windows RPC
139/tcp open netbios-ssn Microsoft Windows netbios-ssn
445/tcp open microsoft-ds Microsoft Windows Server 2012 Std
3389/tcp open ssl/ms-wbt-server
| rdp-ntlm-info:
| Target Name: WEB3
| NetBIOS_Computer_Name: WEB3
| Product_Version: 6.3.9600
|_ System_Time: 2021-01-15T11:32:06+00:00
8443/tcp open http Microsoft IIS httpd 8.5
| http-methods:
|_ Potentially risky methods: TRACE
|_http-server-header: Microsoft-IIS/8.5
|_http-title: IIS Windows Server
Which of the following command sequences should the penetration tester try NEXT?

A penetration tester recently performed a social-engineering attack in which the tester found an employee of the target company at a local coffee shop and over time built a relationship with the employee. On the employee's birthday, the tester gave the employee an external hard drive as a gift. Which of the following social-engineering attacks was the tester utilizing?

解説: (JPNTest メンバーにのみ表示されます)
Which of the following tools would be BEST suited to perform a manual web application security assessment? (Choose two.)

正解:A、E 解答を投票する
A penetration tester wants to find hidden information in documents available on the web at a particular domain. Which of the following should the penetration tester use?

解説: (JPNTest メンバーにのみ表示されます)
A penetration tester is reviewing the logs of a proxy server and discovers the following URLs:
https://test.comptia.com/profile.php?userid=1546
https://test.cpmptia.com/profile.php?userid=5482
https://test.comptia.com/profile.php?userid=3618
Which of the following types of vulnerabilities should be remediated?

解説: (JPNTest メンバーにのみ表示されます)

弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

オンラインサポート時間:( UTC+9 ) 9:00-24:00
月曜日から土曜日まで

サポート:現在連絡