Winter Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: v4s65

  1. Home
  2. CompTIA
  3. PenTest+
  4. PT0-001 - CompTIA PenTest+ Exam
Note! Following PT0-001 Exam is Retired now. Please select the alternative replacement for your Exam Certification. The new exam code is PT0-002

PT0-001 Exam Dumps - CompTIA PenTest+ Exam

Go to page:
Question # 9

An Internet-accessible database server was found with the following ports open: 22, 53, 110, 1433, and 3389. Which of the following would be the BEST hardening technique to secure the server?

A.

Ensure all protocols are using encryption.

B.

Employ network ACLs.

C.

Disable source routing on the server.

D.

Ensure the IDS rules have been updated.

Full Access
Question # 10

Which of the following BEST protects against a rainbow table attack?

D18912E1457D5D1DDCBD40AB3BF70D5D

A.

Increased password complexity

B.

Symmetric encryption

C.

Cryptographic salting

D.

Hardened OS configurations

Full Access
Question # 11

Which of the following actions BEST matches a script kiddie's threat actor?

A.

Exfiltrate network diagrams to perform lateral movement

B.

Steal credit cards from the database and sell them in the deep web

C.

Install a rootkit to maintain access to the corporate network

D.

Deface the website of a company in search of retribution

Full Access
Question # 12

A penetration tester identifies prebuilt exploit code containing Windows imports for VirtualAllocEx and LoadLibraryA functions. Which of the following techniques is the exploit code using?

A.

DLL hijacking

B.

DLL sideloading

C.

DLL injection

D.

DLL function hooking

Full Access
Question # 13

A software developer wants to test the code of an application for vulnerabilities. Which of the following

processes should the software developer perform?

A.

Vulnerability scan

B.

Dynamic scan

C.

Static scan

D.

Compliance scan

Full Access
Question # 14

A penetration tester is testing a web application and is logged in as a lower-privileged user. The tester runs

arbitrary JavaScript within an application, which sends an XMLHttpRequest, resulting in exploiting features to

which only an administrator should have access. Which of the following controls would BEST mitigate the

vulnerability?

A.

Implement authorization checks.

B.

Sanitize all the user input.

C.

Prevent directory traversal.

D.

Add client-side security controls

Full Access
Question # 15

A penetration tester is checking a script to determine why some basic math errors are persisting. The expected result was the program outputting “True”.

Given the output from the console above, which of the following explains how to correct the errors in the script? (Choose two.)

A.

Change ‘fi’ to ‘Endli’.

B.

Remove the ‘let’ in front of ‘dest=5+5’.

C.

Change the ‘=’ to ‘-eq’.

D.

Change ‘source’ and ‘dest’ to “$source” and “$dest”.

E.

Change ‘else’ to ‘elif’.

Full Access
Question # 16

A recent vulnerability scan of all web servers in an environment offers the following results:

Taking a risk-based approach, which of the following is the BEST order to approach remediation based on exposure?

A.

Unrestricted file upload, clickjacking, verbose server banner, SQL injection

B.

Unrestricted file upload, SQL injection, clickjacking, verbose server banner

C.

Clickjacking, unrestricted file upload, verbose server banner, SQL injection

D.

SQL injection, unrestricted file upload, clickjacking, verbose server banner

E.

SQL injection, clickjacking, unrestricted file upload, verbose server banner

Full Access
Go to page:

Hot Exams

ADM-201 Dumps
Platform-App-Builder Dumps
AZ-500 Dumps
350-701 Dumps
SY0-601 Dumps
NCSE-Core Dumps
PDP9 Dumps
DP-203 Dumps
AZ-700 Dumps
NSE7_EFW-7.0 Dumps
Integration-Architect Dumps
CS0-003 Dumps