QUESTION: 65

A penetration tester obtained the following results after scanning a web server using the dirb utility:
Which of the following elements is MOST likely to contain useful information for the penetration tester?

index.html
about
info
home.html

Answer(s): B

Show Answer Next Question

QUESTION: 66

A company has hired a penetration tester to deploy and set up a rogue access point on the network.
Which of the following is the BEST tool to use to accomplish this goal?

Wireshark
Aircrack-ng
Kismet
Wifite

Answer(s): B

Reference:

https://null-byte.wonderhowto.com/how-to/hack-wi-fi-stealing-wi-fi-passwords-with-evil-twin-attack-0183880/

Show Answer Next Question

QUESTION: 67

A penetration tester was able to gain access successfully to a Windows workstation on a mobile client's laptop.
Which of the following can be used to ensure the tester is able to maintain access to the system?

schtasks /create /sc /ONSTART /tr C:\Temp|WindowsUpdate.exe
wmic startup get caption,command
crontab -l; echo ג€@reboot sleep 200 && ncat -lvp 4242 -e /bin/bashג€) | crontab 2>/dev/null
sudo useradd -ou 0 -g 0 user

Answer(s): A

Show Answer Next Question

QUESTION: 68

A company hired a penetration-testing team to review the cyber-physical systems in a manufacturing plant. The team immediately discovered the supervisory systems and PLCs are both connected to the company intranet.
Which of the following assumptions, if made by the penetration-testing team, is MOST likely to be valid?

PLCs will not act upon commands injected over the network.
Supervisors and controllers are on a separate virtual network by default.
Controllers will not validate the origin of commands.
Supervisory systems will detect a malicious injection of code/commands.

Answer(s): C

Show Answer Next Question

Free CompTIA PT0-002 Exam Braindumps (page: 18)

QUESTION: 65

QUESTION: 66

Reference:

QUESTION: 67

QUESTION: 68

PT0-002 Exam Discussions & Posts