Free PT1-002 Exam Braindumps (page: 4)

Page 4 of 29

A penetration tester is exploring a client's website. The tester performs a curl command and obtains the following:
* Connected to 10.2.11.144 (::1) port 80 (#0)
> GET /readmine.html HTTP/1.1
> Host: 10.2.11.144
> User-Agent: curl/7.67.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200
< Date: Tue, 02 Feb 2021 21:46:47 GMT
< Server: Apache/2.4.41 (Debian)
< Content-Length: 317
< Content-Type: text/html; charset=iso-8859-1
<
<!DOCTYPE html>
<html lang="en">
<head>
<meta name="viewport" content="width=device-width" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>WordPress > ReadMe</title>
<link rel="stylesheet" href="wp-admin/css/install.css?ver=20100228" type="text/css" />
</head>
Which of the following tools would be BEST for the penetration tester to use to explore this site further?

  1. Burp Suite
  2. DirBuster
  3. WPScan
  4. OWASP ZAP

Answer(s): A


Reference:

https://tools.kali.org/web-applications/burpsuite



A penetration tester wrote the following script to be used in one engagement:



Which of the following actions will this script perform?

  1. Look for open ports.
  2. Listen for a reverse shell.
  3. Attempt to flood open ports.
  4. Create an encrypted tunnel.

Answer(s): A



A company conducted a simulated phishing attack by sending its employees emails that included a link to a site that mimicked the corporate SSO portal. Eighty percent of the employees who received the email clicked the link and provided their corporate credentials on the fake site.
Which of the following recommendations would BEST address this situation?

  1. Implement a recurring cybersecurity awareness education program for all users.
  2. Implement multifactor authentication on all corporate applications.
  3. Restrict employees from web navigation by defining a list of unapproved sites in the corporate proxy.
  4. Implement an email security gateway to block spam and malware from email communications.

Answer(s): A


Reference:

https://resources.infosecinstitute.com/topic/top-9-free-phishing-simulators/



A security professional wants to test an IoT device by sending an invalid packet to a proprietary service listening on TCP port 3011.
Which of the following would allow the security professional to easily and programmatically manipulate the TCP header length and checksum using arbitrary numbers and to observe how the proprietary service responds?

  1. Nmap
  2. tcpdump
  3. Scapy
  4. hping3

Answer(s): A


Reference:

https://www.mn.uio.no/ifi/english/research/groups/psy/completedmasters/2017/Kim_Jonatan_Wessel_Bjorneset/kim_jonatan_wessel_bjorneset_testing_security_for_internet_of_things_a_survey_on_vulnerabilities_in_ip_cameras.pdf (24)


