Latest CompTIA PenTest+ - PT0-003 Free Sample Questions
Which of the following is a term used to describe a situation in which a penetration tester bypasses physical access controls and gains access to a facility by entering at the same time as an employee?
A company hires a penetration tester to test the security of its wireless networks. The main goal is to intercept and access sensitive data. Which of the following tools should the security professional use to best accomplish this task?
A penetration tester is conducting an assessment of a web application's login page. The tester needs to determine whether there are any hidden form fields of interest. Which of the following is the most effective technique?
A penetration tester is conducting a vulnerability scan. The tester wants to see any vulnerabilities that may be visible from outside of the organization. Which of the following scans should the penetration tester perform?
A penetration tester discovers evidence of an advanced persistent threat on the network that is being tested. Which of the following should the tester do next?
Before starting an assessment, a penetration tester needs to scan a Class B IPv4 network for open ports in a short amount of time. Which of the following is the best tool for this task?
The following file was obtained during reconnaissance:

Which of the following is most likely to be successful if a penetration tester achieves non-privileged user access?
A penetration tester observes the following output from an Nmap command while attempting to troubleshoot connectivity to a Linux server:
Starting Nmap 7.91 ( https://nmap.org ) at 2024-01-10 12:00 UTC
Nmap scan report for example.com (192.168.1.10)
Host is up (0.001s latency).
Not shown: 9999 closed ports
PORT STATE SERVICE
21/tcp open ftp
80/tcp open http
135/tcp open msrpc
139/tcp open netbios-ssn
443/tcp open https
2222/tcp open ssh
444/tcp open microsoft-ds
Nmap done: 1 IP address (1 host up) scanned in 0.23 seconds
Which of the following is the most likely reason for the connectivity issue?
A penetration tester cannot find information on the target company's systems using common OSINT methods. The tester's attempts to do reconnaissance against internet-facing resources have been blocked by the company's WAF. Which of the following is the best way to avoid the WAF and gather information about the target company's systems?
Which of the following describes the process of determining why a vulnerability scanner is not providing results?
A penetration testing team needs to determine whether it is possible to disrupt wireless communications for PCs deployed in the client's offices. Which of the following techniques should the penetration tester leverage?
A tester enumerated a firewall policy and now needs to stage and exfiltrate data captured from the engagement. Given the following firewall policy:
Action | SRC | DEST | --
Block | 192.168.10.0/24 : 1-65535 | 10.0.0.0/24 : 22 | TCP
Allow | 0.0.0.0/0 : 1-65535 | 192.168.10.0/24:443 | TCP
Allow | 192.168.10.0/24 : 1-65535 | 0.0.0.0/0:443 | TCP
Block | . | . | *
Which of the following commands should the tester try next?
A penetration tester attempts unauthorized entry to the company's server room as part of a security assessment. Which of the following is the best technique to manipulate the lock pins and open the door without the original key?