CompTIA PenTest+ Certification Exam v1.0

Page:    1 / 8   
Exam contains 110 questions
Expand All

A penetration tester has been contracted to review wireless security. The tester has deployed a malicious wireless AP that mimics the configuration of the target enterprise WiFi. The penetration tester now wants to try to force nearby wireless stations to connect to the malicious AP. Which of the following steps should the tester take NEXT?

  • A. Send deauthentication frames to the stations.
  • B. Perform jamming on all 2.4GHz and 5GHz channels.
  • C. Set the malicious AP to broadcast within dynamic frequency selection channels.
  • D. Modify the malicious AP configuration to not use a pre-shared key.


Answer : C

A security engineer identified a new server on the network and wants to scan the host to determine if it is running an approved version of Linux and a patched version of Apache. Which of the following commands will accomplish this task?

  • A. nmap ג€"f ג€"sV ג€"p80 192.168.1.20
  • B. nmap ג€"sS ג€"sL ג€"p80 192.168.1.20
  • C. nmap ג€"A ג€"T4 ג€"p80 192.168.1.20
  • D. nmap ג€"O ג€"v ג€"p80 192.168.1.20


Answer : C

Reference:
https://nmap.org/book/man-version-detection.html

Which of the following expressions in Python increase a variable val by one (Choose two.)

  • A. val++
  • B. +val
  • C. val=(val+1)
  • D. ++val
  • E. val=val++
  • F. val+=1


Answer : DF

Reference:
https://stackoverflow.com/questions/1485841/behaviour-of-increment-and-decrement-operators-in-python

Given the following output:
User-agent:*
Disallow: /author/

Disallow: /xmlrpc.php -

Disallow: /wp-admin -
Disallow: /page/
During which of the following activities was this output MOST likely obtained?

  • A. Website scraping
  • B. Website cloning
  • C. Domain enumeration
  • D. URL enumeration


Answer : A

Appending string values onto another string is called:

  • A. compilation
  • B. connection
  • C. concatenation
  • D. conjunction


Answer : C

Reference:
https://docs.microsoft.com/en-us/dotnet/csharp/how-to/concatenate-multiple-strings

A penetration tester is testing input validation on a search form that was discovered on a website. Which of the following characters is the BEST option to test the website for vulnerabilities?

  • A. Comma
  • B. Double dash
  • C. Single quote
  • D. Semicolon


Answer : C

A penetration tester was conducting a penetration test and discovered the network traffic was no longer reaching the clientג€™s IP address. The tester later discovered the SOC had used sinkholing on the penetration testerג€™s IP address. Which of the following BEST describes what happened?

  • A. The penetration tester was testing the wrong assets
  • B. The planning process failed to ensure all teams were notified
  • C. The client was not ready for the assessment to start
  • D. The penetration tester had incorrect contact information


Answer : B

A penetration tester wants to perform reconnaissance without being detected. Which of the following activities have a MINIMAL chance of detection? (Choose two.)

  • A. Open-source research
  • B. A ping sweep
  • C. Traffic sniffing
  • D. Port knocking
  • E. A vulnerability scan
  • F. An Nmap scan


Answer : EF

Reference:
https://www.sciencedirect.com/topics/computer-science/passive-reconnaissance

A penetration tester obtained the following results after scanning a web server using the dirb utility:
...

GENERATED WORDS: 4612 -
---- Scanning URL: http://10.2.10.13/ ----
+ http://10.2.10.13/about (CODE:200|SIZE:1520)
+ http://10.2.10.13/home.html (CODE:200|SIZE:214)
+ http://10.2.10.13/index.html (CODE:200|SIZE:214)
+ http://10.2.10.13/info (CODE:200|SIZE:214)
...

DOWNLOADED: 4612 ג€" FOUND: 4 -
Which of the following elements is MOST likely to contain useful information for the penetration tester?

  • A. index.html
  • B. about
  • C. info
  • D. home.html


Answer : B

A penetration tester has obtained root access to a Linux-based file server and would like to maintain persistence after reboot. Which of the following techniques would BEST support this objective?

  • A. Create a one-shot systemd service to establish a reverse shell.
  • B. Obtain /etc/shadow and brute force the root password.
  • C. Run the nc -e /bin/sh <...> command.
  • D. Move laterally to create a user account on LDAP


Answer : C

A penetration tester has identified several newly released CVEs on a VoIP call manager. The scanning tool the tester used determined the possible presence of the CVEs based off the version number of the service. Which of the following methods would BEST support validation of the possible findings?

  • A. Manually check the version number of the VoIP service against the CVE release
  • B. Test with proof-of-concept code from an exploit database
  • C. Review SIP traffic from an on-path position to look for indicators of compromise
  • D. Utilize an nmap ג€"sV scan against the service


Answer : D

Reference:
https://dokumen.pub/hacking-exposed-unified-communications-amp-voip-security-secrets-amp-solutions-2nd-edition-9780071798778-0071798773-
9780071798761-0071798765.html

A penetration tester is scanning a corporate lab network for potentially vulnerable services. Which of the following Nmap commands will return vulnerable ports that might be interesting to a potential attacker?

  • A. nmap 192.168.1.1-5 ג€"PU22-25,80
  • B. nmap 192.168.1.1-5 ג€"PA22-25,80
  • C. nmap 192.168.1.1-5 ג€"PS22-25,80
  • D. nmap 192.168.1.1-5 ג€"Ss22-25,80


Answer : C

A software development team is concerned that a new product's 64-bit Windows binaries can be deconstructed to the underlying code. Which of the following tools can a penetration tester utilize to help the team gauge what an attacker might see in the binaries?

  • A. Immunity Debugger
  • B. OllyDbg
  • C. GDB
  • D. Drozer


Answer : B

Reference:
https://en.wikipedia.org/wiki/OllyDbg

A mail service company has hired a penetration tester to conduct an enumeration of all user accounts on an SMTP server to identify whether previous staff member accounts are still active. Which of the following commands should be used to accomplish the goal?

  • A. VRFY and EXPN
  • B. VRFY and TURN
  • C. EXPN and TURN
  • D. RCPT TO and VRFY


Answer : A

Reference:
https://hackerone.com/reports/193314

Which of the following tools provides Python classes for interacting with network protocols?

  • A. Responder
  • B. Impacket
  • C. Empire
  • D. PowerSploit


Answer : B

Reference:
https://github.com/SecureAuthCorp/impacket

Page:    1 / 8   
Exam contains 110 questions
Expand All

Talk to us!

Have any questions or issues ? Please dont hesitate to contact us

[email protected]

Certlibrary.com is owned by MBS Tech Limited: Room 1905 Nam Wo Hong Building, 148 Wing Lok Street, Sheung Wan, Hong Kong. Company registration number: 2310926
Certlibrary doesn't offer Real Microsoft Exam Questions. Certlibrary Materials do not contain actual questions and answers from Cisco's Certification Exams.
CFA Institute does not endorse, promote or warrant the accuracy or quality of Certlibrary. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.
Terms & Conditions | Privacy Policy