Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home CompTIA PT1-002

CompTIA PT1-002 Exam Practice Questions (P. 1)

  • Full Access (110 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #1
A client wants a security assessment company to perform a penetration test against its hot site. The purpose of the test is to determine the effectiveness of the defenses that protect against disruptions to business continuity. Which of the following is the MOST important action to take before starting this type of assessment?
  1. A
    Ensure the client has signed the SOW.
  2. B
    Verify the client has granted network access to the hot site.
  3. C
    Determine if the failover environment relies on resources not owned by the client.
  4. D
    Establish communication and escalation procedures with the client.

Correct Answer:
C

Question #2
Performing a penetration test against an environment with SCADA devices brings additional safety risk because the:
  1. A
    devices produce more heat and consume more power.
  2. B
    devices are obsolete and are no longer available for replacement.
  3. C
    protocols are more difficult to understand.
  4. D
    devices may cause physical world effects.

Correct Answer:
C
Reference:
https://www.hindawi.com/journals/scn/2018/3794603/

Question #3
Which of the following documents describes specific activities, deliverables, and schedules for a penetration tester?
  1. A
    NDA
  2. B
    MSA
  3. C
    SOW
  4. D
    MOU

Correct Answer:
C

Question #4
A company hired a penetration-testing team to review the cyber-physical systems in a manufacturing plant. The team immediately discovered the supervisory systems and PLCs are both connected to the company intranet. Which of the following assumptions, if made by the penetration-testing team, is MOST likely to be valid?
  1. A
    PLCs will not act upon commands injected over the network.
  2. B
    Supervisors and controllers are on a separate virtual network by default.
  3. C
    Controllers will not validate the origin of commands.
  4. D
    Supervisory systems will detect a malicious injection of code/commands.

Correct Answer:
C

Question #5
A new security firm is onboarding its first client. The client only allowed testing over the weekend and needed the results Monday morning. However, the assessment team was not able to access the environment as expected until Monday. Which of the following should the security company have acquired BEFORE the start of the assessment?
  1. A
    A signed statement of work
  2. B
    The correct user accounts and associated passwords
  3. C
    The expected time frame of the assessment
  4. D
    The proper emergency contacts for the client

Correct Answer:
C

Next Questions

All Pages