CompTIA PenTest+ PT1-002 Dumps in PDF

Free CompTIA PT1-002 Real Questions (page: 13)

A security professional wants to test an IoT device by sending an invalid packet to a proprietary service listening on TCP port 3011.
Which of the following would allow the security professional to easily and programmatically manipulate the TCP header length and checksum using arbitrary numbers and to observe how the proprietary service responds?

  1. Nmap
  2. tcpdump
  3. Scapy
  4. hping3

Answer(s): A


Reference:

https://www.mn.uio.no/i /english/research/groups/psy/completedmasters/2017/Kim_Jonatan_Wessel_Bjorneset/ kim_jonatan_wessel_bjorneset_testing_security_for_internet_of_things_a_survey_on_vulnerabilities_in_ip_cameras.pdf (24)



A penetration tester is reviewing the following SOW prior to engaging with a client:
`Network diagrams, logical and physical asset inventory, and employees' names are to be treated as client con dential. Upon completion of the engagement, the penetration tester will submit ndings to the client's Chief Information Security O cer (CISO) via encrypted protocols and subsequently dispose of all ndings by erasing them in a secure manner.`
Based on the information in the SOW, which of the following behaviors would be considered unethical? (Choose two.)

  1. Utilizing proprietary penetration-testing tools that are not available to the public or to the client for auditing and inspection
  2. Utilizing public-key cryptography to ensure ndings are delivered to the CISO upon completion of the engagement
  3. Failing to share with the client critical vulnerabilities that exist within the client architecture to appease the client's senior leadership team
  4. Seeking help with the engagement in underground hacker forums by sharing the client's public IP address
  5. Using a software-based erase tool to wipe the client's ndings from the penetration tester's laptop
  6. Retaining the SOW within the penetration tester's company for future use so the sales team can plan future engagements

Answer(s): C,E



A company recruited a penetration tester to con gure wireless IDS over the network.
Which of the following tools would BEST test the effectiveness of the wireless
IDS solutions?

  1. Aircrack-ng
  2. Wireshark
  3. Wi te
  4. Kismet

Answer(s): A


Reference:

https://purplesec.us/perform-wireless-penetration-test/



A penetration tester gains access to a system and establishes persistence, and then runs the following commands: cat /dev/null > temp touch `"r .bash_history temp mv temp .bash_history
Which of the following actions is the tester MOST likely performing?

  1. Redirecting Bash history to /dev/null
  2. Making a copy of the user's Bash history for further enumeration
  3. Covering tracks by clearing the Bash history
  4. Making decoy les on the system to confuse incident responders

Answer(s): C


Reference:

https://null-byte.wonderhowto.com/how-to/clear-logs-bash-history-hacked-linux-systems-cover-your-tracks-remain-undetected-0244768/



Which of the following web-application security risks are part of the OWASP Top 10 v2017? (Choose two.)

  1. Buffer over ows
  2. Cross-site scripting
  3. Race-condition attacks
  4. Zero-day attacks
  5. Injection aws
  6. Ransomware attacks

Answer(s): A,B


Reference:

https://owasp.org/www-pdf-archive/OWASP_Top_10_2017_RC2_Final.pdf



Share your comments for CompTIA PT1-002 exam with other users:

S
soheib
7/24/2023 7:05:00 PM

question: 78 the right answer i think is d not a

S
srija
8/14/2023 8:53:00 AM

very helpful

T
Thembelani
5/30/2023 2:17:00 AM

i am writing this exam tomorrow and have dumps

A
Anita
10/1/2023 4:11:00 PM

can i have the icdl excel exam

B
Ben
9/9/2023 7:35:00 AM

please upload it

A
anonymous
9/20/2023 11:27:00 PM

hye when will post again the past year question for this h13-311_v3 part since i have to for my test tommorow…thank you very much

R
Randall
9/28/2023 8:25:00 PM

on question 22, option b-once per session is also valid.

T
Tshegofatso
8/28/2023 11:51:00 AM

this website is very helpful

P
philly
9/18/2023 2:40:00 PM

its my first time exam

B
Beexam
9/4/2023 9:06:00 PM

correct answers are device configuration-enable the automatic installation of webview2 runtime. & policy management- prevent users from submitting feedback.

R
RAWI
7/9/2023 4:54:00 AM

is this dump still valid? today is 9-july-2023

A
Annie
6/7/2023 3:46:00 AM

i need this exam.. please upload these are really helpful

S
Shubhra Rathi
8/26/2023 1:08:00 PM

please upload the oracle 1z0-1059-22 dumps

S
Shiji
10/15/2023 1:34:00 PM

very good questions

R
Rita Rony
11/27/2023 1:36:00 PM

nice, first step to exams

A
Aloke Paul
9/11/2023 6:53:00 AM

is this valid for chfiv9 as well... as i am reker 3rd time...

C
Calbert Francis
1/15/2024 8:19:00 PM

great exam for people taking 220-1101

A
Ayushi Baria
11/7/2023 7:44:00 AM

this is very helpfull for me

A
alma
8/25/2023 1:20:00 PM

just started preparing for the exam

C
CW
7/10/2023 6:46:00 PM

these are the type of questions i need.

N
Nobody
8/30/2023 9:54:00 PM

does this actually work? are they the exam questions and answers word for word?

S
Salah
7/23/2023 9:46:00 AM

thanks for providing these questions

R
Ritu
9/15/2023 5:55:00 AM

interesting

R
Ron
5/30/2023 8:33:00 AM

these dumps are pretty good.

S
Sowl
8/10/2023 6:22:00 PM

good questions

B
Blessious Phiri
8/15/2023 2:02:00 PM

dbua is used for upgrading oracle database

R
Richard
10/24/2023 6:12:00 AM

i am thrilled to say that i passed my amazon web services mls-c01 exam, thanks to study materials. they were comprehensive and well-structured, making my preparation efficient.

J
Janjua
5/22/2023 3:31:00 PM

please upload latest ibm ace c1000-056 dumps

M
Matt
12/30/2023 11:18:00 AM

if only explanations were provided...

R
Rasha
6/29/2023 8:23:00 PM

yes .. i need the dump if you can help me

A
Anonymous
7/25/2023 8:05:00 AM

good morning, could you please upload this exam again?

A
AJ
9/24/2023 9:32:00 AM

hi please upload sre foundation and practitioner exam questions

P
peter parker
8/10/2023 10:59:00 AM

the exam is listed as 80 questions with a pass mark of 70%, how is your 50 questions related?

B
Berihun
7/13/2023 7:29:00 AM

all questions are so important and covers all ccna modules

AI Tutor 👋 I’m here to help!