PT0-001 Practice Questions
248 real PT0-001 exam questions with expert-verified answers and explanations. Page 2 of 5.
- Question #52 (Reconnaissance and enumeration)
  A penetration tester is reviewing the following output from a wireless sniffer: Which of the following can be extrapolated from the above information?
  Tags: wireless sniffing, MAC address, OUI lookup, network reconnaissance
- Question #53 (Attacks and exploits)
  An email sent from the Chief Executive Officer (CEO) to the Chief Financial Officer (CFO) states a wire transfer is needed to pay a new vendor. Neither is aware of the vendor, and...
  Tags: social engineering, authority principle, BEC, spear phishing
- Question #54 (Engagement management)
  A security assessor completed a comprehensive penetration test of a company and its networks and systems. During the assessment, the tester identified a vulnerability in the crypto...
  Tags: TLS vulnerability, compensating controls, ACL, risk mitigation
- Question #55 (Vulnerability discovery and analysis)
  A penetration tester reports an application is only utilizing basic authentication on an Internet-facing application. Which of the following would be the BEST remediation strategy...
  Tags: HSTS, basic authentication, transport security, web remediation
- Question #56 (Vulnerability discovery and analysis)
  A penetration tester is performing a code review. Which of the following testing techniques is being performed?
  Tags: static analysis, code review, SAST, testing techniques
- Question #57 (Attacks and exploits)
  During a full-scope security assessment, which of the following is a prerequisite to social engineer a target by physically engaging them?
  Tags: social engineering, pretext, physical engagement, reconnaissance
- Question #58 (Post-exploitation and lateral movement)
  Consider the following PowerShell command: Cmdlet Which of the following BEST describes the actions performed by this command?
  Tags: PowerShell, remote script execution, Windows, post-exploitation
- Question #59 (Engagement management)
  Which of the following excerpts would come from a corporate policy?
  Tags: security policy, governance, password policy, compliance
- Question #60 (Post-exploitation and lateral movement)
  In which of the following scenarios would a tester perform a Kerberoasting attack?
  Tags: Kerberoasting, Active Directory, credential harvesting, lateral movement
- Question #61 (Post-exploitation and lateral movement)
  While trying to maintain persistence on a Windows system with limited privileges, which of the following registry keys should the tester use?
  Tags: registry persistence, HKCU, Windows privilege, limited privileges
- Question #62 (Post-exploitation and lateral movement)
  A penetration tester has a full shell to a domain controller and wants to discover any user account that has not authenticated to the domain in 21 days. Which of the following comm...
  Tags: dsquery, Active Directory, user enumeration, domain controller
- Question #63 (Engagement management)
  Which of the following properties of the penetration testing engagement agreement will have the LARGEST impact on observing and testing production systems at their highest loads?
  Tags: testing schedule, engagement planning, production systems, scope
- Question #66 (Reconnaissance and enumeration)
  A penetration tester ran the following Nmap scan on a computer: nmap -sV 192.168.1.5. The organization said it had disabled Telnet from its environment. However, the results of the...
  Tags: Nmap, port scanning, service identification, Telnet
- Question #67 (Attacks and exploits)
  A penetration tester is attempting to capture a handshake between a client and an access point by monitoring a WPA2-PSK secured wireless network. The tester is monitoring the corre...
  Tags: WPA2, deauthentication attack, wireless handshake, 802.11
- Question #68 (Reconnaissance and enumeration)
  A penetration tester is performing initial intelligence gathering on some remote hosts prior to conducting a vulnerability scan. The tester runs the following command: nmap -D 192....
  Tags: Nmap decoy scan, stealth scanning, -D flag, reconnaissance
- Question #69 (Post-exploitation and lateral movement)
  A penetration tester has compromised a host. Which of the following would be the correct syntax to create a Netcat listener on the device?
  Tags: Netcat, reverse shell, listener, shell access
- Question #70 (Vulnerability discovery and analysis)
  Which of the following commands will allow a tester to enumerate potential unquoted service paths on a host?
  Tags: unquoted service path, wmic, Windows enumeration, privilege escalation
- Question #71 (Reconnaissance and enumeration)
  A consultant wants to scan all the TCP ports on an identified device. Which of the following Nmap switches will complete this task?
  Tags: Nmap, TCP port scanning, all ports, -p flag
- Question #72 (Post-exploitation and lateral movement)
  After successfully capturing administrator credentials to a remote Windows machine, a penetration tester attempts to access the system using PSExec but is denied permission. Which...
  Tags: PSExec, Windows shares, lateral movement, credential use
- Question #73 (Post-exploitation and lateral movement)
  The following command is run on a Linux file system: chmod 4111 /usr/bin/sudo Which of the following issues may be exploited now?
  Tags: SUID bit, chmod, sudo misconfiguration, Linux privilege escalation
- Question #74 (Attacks and exploits)
  A client is asking a penetration tester to evaluate a new web application for availability. Which of the following types of attacks should the tester use?
  Tags: TCP SYN flood, DoS, availability testing, web application
- Question #75 (Post-exploitation and lateral movement)
  During a penetration test, a tester runs a phishing campaign and receives a shell from an internal PC running Windows 10 OS. The tester wants to perform credential harvesting with...
  Tags: Mimikatz, WDigest, credential harvesting, registry modification
- Question #76 (Vulnerability discovery and analysis)
  In which of the following components is an exploited vulnerability MOST likely to affect multiple running application containers at once?
  Tags: container security, shared libraries, vulnerability impact, application containers
- Question #77 (Reconnaissance and enumeration)
  Which of the following would be BEST for performing passive reconnaissance on a target's external domain?
  Tags: passive reconnaissance, Shodan, OSINT, external enumeration
- Question #78 (Attacks and exploits)
  If a security consultant comes across a password hash that resembles the following: b117525b345470c29ca3d8ac0b556ba8 Which of the following formats is the correct hash type?
  Tags: NTLM hash, hash identification, password hash, credential analysis
- Question #79 (Engagement management)
  A penetration tester was able to retrieve the initial VPN user domain credentials by phishing a member of the IT department. Afterward, the penetration tester obtained hashes over...
  Tags: remediation recommendations, phishing, VPN security, password policy
- Question #80 (Vulnerability discovery and analysis)
  A software development team recently migrated to new application software on the on-premises environment. Penetration test findings show that multiple vulnerabilities exist. If a pen...
  Tags: test environment, VM replication, service configuration, vulnerability confirmation
- Question #81 (Vulnerability discovery and analysis)
  A security analyst has uncovered a suspicious request in the logs for a web application. Given the following URL: Which of the following attack types is MOST likely to be the vulne...
  Tags: cross-site scripting, URL analysis, web application attacks, attack identification
- Question #82 (Reconnaissance and enumeration)
  An assessor begins an internal security test of the Windows domain internal.comptinet. The assessor is given network access via DHCP, but is not given any network maps or target I...
  Tags: DNS SRV records, Kerberos, domain controller discovery, Windows domain
- Question #83 (Engagement management)
  While prioritizing findings and recommendations for an executive summary, which of the following considerations would be MOST valuable to the client?
  Tags: executive summary, risk tolerance, findings prioritization, reporting
- Question #84 (Attacks and exploits)
  After several attempts, an attacker was able to gain unauthorized access through a biometric sensor using the attacker's actual fingerprint without exploitation. Which of the follo...
  Tags: biometric authentication, false positive rate, physical security, authentication bypass
- Question #85 (Post-exploitation and lateral movement)
  A penetration tester successfully exploits a DMZ server that appears to be listening on an outbound port. The penetration tester wishes to forward that traffic back to a device. Whi...
  Tags: SSH tunneling, port forwarding, traffic pivoting, DMZ exploitation
- Question #86 (Reconnaissance and enumeration)
  The results of a basic compliance scan show a subset of assets on a network. This data differs from what is shown on the network architecture diagram, which was supplied at the beg...
  Tags: network discovery, compliance scanning, asset inventory, scan discrepancy
- Question #87 (Post-exploitation and lateral movement)
  A penetration tester has successfully exploited an application vulnerability and wants to remove the command history from the Linux session. Which of the following will accomplish...
  Tags: command history, anti-forensics, Linux shell, evidence removal
- Question #88 (Engagement management)
  When performing compliance-based assessments, which of the following is the MOST important key consideration?
  Tags: compliance assessment, engagement planning, regulatory compliance, audit scope
- Question #89 (Engagement management)
  Which of the following BEST explains why it is important to maintain confidentiality of any identified findings when performing a penetration test?
  Tags: confidentiality, report security, engagement ethics, data handling
- Question #90 (Reconnaissance and enumeration)
  A penetration tester is designing a phishing campaign and wants to build a list of users for the target organization. Which of the following techniques would be the MOST appropriate?...
  Tags: user enumeration, OSINT, social media harvesting, phishing preparation
- Question #91 (Attacks and exploits)
  A penetration tester notices that the X-Frame-Options header on a web application is not set. Which of the following would a malicious actor do to exploit this configuration settin...
  Tags: clickjacking, X-Frame-Options, web security headers, iframe attack
- Question #92 (Reconnaissance and enumeration)
  A penetration tester is required to perform OSINT on staff at a target company after completing the infrastructure aspect. Which of the following would be the BEST step for the pen...
  Tags: OSINT, staff enumeration, social engineering, information gathering
- Question #93 (Attacks and exploits)
  A security consultant found a SCADA device in one of the VLANs in scope. Which of the following actions would BEST create a potentially destructive outcome against the device?
  Tags: SCADA, ICS security, SNMP brute force, OT attacks
- Question #94 (Engagement management)
  A client asks a penetration tester to add more addresses to a test currently in progress. Which of the following would define the target list?
  Tags: statement of work, scope management, contract documents, rules of engagement
- Question #95 (Vulnerability discovery and analysis)
  A recently concluded penetration test revealed that a legacy web application is vulnerable to SQL injection. Research indicates that completely remediating the vulnerability would r...
  Tags: SQL injection, input validation, whitelist filtering, vulnerability mitigation
- Question #96 (Post-exploitation and lateral movement)
  Which of the following is the reason why a penetration tester would run the chkconfig --del servicename command at the end of an engagement?
  Tags: persistence removal, Linux services, chkconfig, post-exploitation cleanup
- Question #97 (Vulnerability discovery and analysis)
  A penetration tester is checking a script to determine why some basic persisting. The expected result was the program outputting "True." Given the output from the console above, wh...
  Tags: bash scripting, script debugging, syntax errors, automation tools
- Question #98 (Reconnaissance and enumeration)
  Given the following Python script: Which of the following actions will it perform?
  Tags: banner grabbing, Python scripting, service enumeration, code analysis
- Question #99 (Vulnerability discovery and analysis)
  A company contracted a firm specializing in penetration testing to assess the security of a core business application. The company provided the firm with a copy of the Java bytecod...
  Tags: static code analysis, Java bytecode, decompilation, application security testing
- Question #100 (Post-exploitation and lateral movement)
  A penetration tester runs the following from a compromised box: python -c 'import pty;pty.spawn("/bin/bash")' Which of the following actions is the tester taking?
  Tags: shell upgrade, PTY spawn, Python, interactive shell
- Question #101 (Engagement management)
  A financial institution is asking a penetration tester to determine if collusion capabilities to produce wire fraud are present. Which of the following threat actors should the pen...
  Tags: threat actors, insider threat, wire fraud, assessment scoping
- Question #102 (Attacks and exploits)
  Given the following script: Which of the following BEST describes the purpose of this script?
  Tags: keylogger, keystroke monitoring, malware, script analysis
- Question #103 (Engagement management)
  Which of the following has a direct and significant impact on the budget of the security assessment?
  Tags: scoping, budget, security assessment, project management