CompTIA PT0-001 online test

CompTIA PenTest+ Certification Exam

What students need to know about the PT0-001 exam

  • Total 196 Questions & Answers

Question 1

Which of the following excerpts would come from a corporate policy?

  • A. Employee passwords must contain a minimum of eight characters, with one being alphanumeric.
  • B. The help desk can be reached at 800-passwd1 to perform password resets.
  • C. Employees must use strong passwords for accessing corporate assets.
  • D. The corporate systems must store passwords using the MD5 hashing algorithm.
Answer:

D

Question 2

A penetration tester has performed a pivot to a new Linux device on a different network. The tester writes the following
command:
for m in {1..254..1};do ping -c 1 192.168.101.$m; done
Which of the following BEST describes the result of running this command?

  • A. Port scan
  • B. Service enumeration
  • C. Live host identification
  • D. Denial of service
Answer:

C

Question 3

A security consultant is trying to attack a device with a previously identified user account.

Which of the following types of attacks is being executed?

  • A. Credential dump attack
  • B. DLL injection attack
  • C. Reverse shell attack
  • D. Pass the hash attack
Answer:

D

Question 4

A client asks a penetration tester to add more addresses to a test currently in progress. Which of the following would define
the target list?

  • A. Rules of engagement
  • B. Master services agreement
  • C. Statement of work
  • D. End-user license agreement
Answer:

C

Question 5

A penetration tester is required to perform OSINT on staff at a target company after completing the infrastructure aspect.
Which of the following would be the BEST step for penetration?

  • A. Obtain staff information by calling the company and using social engineering techniques.
  • B. Visit the client and use impersonation to obtain information from staff.
  • C. Send spoofed emails to staff to see if staff will respond with sensitive information.
  • D. Search the internet for information on staff such as social networking sites.
Answer:

D

Explanation:
Reference: https://securitytrails.com/blog/what-is-osint-how-can-i-make-use-of-it

Question 6

A company planned for and secured the budget to hire a consultant to perform a web application penetration test. Upon
discovering vulnerabilities, the company asked the consultant to perform the following tasks:
  • Code review
  • Updates to firewall settings

Which of the following has occurred in this situation?

  • A. Scope creep
  • B. Post-mortem review
  • C. Risk acceptance
  • D. Threat prevention
Answer:

A

Question 7

A client has voiced concern about the number of companies being breached by remote attackers, who are looking for trade
secrets. Which of the following BEST describes the type of adversaries this would identify?

  • A. Script kiddies
  • B. APT actors
  • C. Insider threats
  • D. Hacktivist groups
Answer:

B

Explanation:
Reference: https://en.wikipedia.org/wiki/Advanced_persistent_threat

Question 8

A penetration tester is performing a black box assessment on a web-based banking application. The tester was only
provided with a URL to the login page. Given the below code and output:

Which of the following is the tester intending to do?

  • A. Horizontally escalate privileges.
  • B. Scrape the page for hidden fields.
  • C. Analyze HTTP response code.
  • D. Search for HTTP headers.
Answer:

D

Question 9

Which of the following is the MOST comprehensive type of penetration test on a network?

  • A. Black box
  • B. White box
  • C. Gray box
  • D. Red team
  • E. Architecture review
Answer:

A

Explanation:
Reference: https://purplesec.us/types-penetration-testing/

Question 10

During post-exploitation, a tester identifies that only system binaries will pass an egress filter and store a file with the
following command:
c: \creditcards.db>c:\winit\system32\calc.exe:creditcards.db
Which of the following file system vulnerabilities does this command take advantage of?

  • A. Hierarchical file system
  • B. Alternate data streams
  • C. Backdoor success
  • D. Extended file system
Answer:

B
