CompTIA PenTest+ PT1-002 Dumps in PDF

Free CompTIA PT1-002 Real Questions (page: 8)

A security professional wants to test an IoT device by sending an invalid packet to a proprietary service listening on TCP port 3011.
Which of the following would allow the security professional to easily and programmatically manipulate the TCP header length and checksum using arbitrary numbers and to observe how the proprietary service responds?

  1. Nmap
  2. tcpdump
  3. Scapy
  4. hping3

Answer(s): A


Reference:

https://www.mn.uio.no/i /english/research/groups/psy/completedmasters/2017/Kim_Jonatan_Wessel_Bjorneset/ kim_jonatan_wessel_bjorneset_testing_security_for_internet_of_things_a_survey_on_vulnerabilities_in_ip_cameras.pdf (24)



A penetration tester is reviewing the following SOW prior to engaging with a client:
`Network diagrams, logical and physical asset inventory, and employees' names are to be treated as client con dential. Upon completion of the engagement, the penetration tester will submit ndings to the client's Chief Information Security O cer (CISO) via encrypted protocols and subsequently dispose of all ndings by erasing them in a secure manner.`
Based on the information in the SOW, which of the following behaviors would be considered unethical? (Choose two.)

  1. Utilizing proprietary penetration-testing tools that are not available to the public or to the client for auditing and inspection
  2. Utilizing public-key cryptography to ensure ndings are delivered to the CISO upon completion of the engagement
  3. Failing to share with the client critical vulnerabilities that exist within the client architecture to appease the client's senior leadership team
  4. Seeking help with the engagement in underground hacker forums by sharing the client's public IP address
  5. Using a software-based erase tool to wipe the client's ndings from the penetration tester's laptop
  6. Retaining the SOW within the penetration tester's company for future use so the sales team can plan future engagements

Answer(s): C,E



A company recruited a penetration tester to con gure wireless IDS over the network.
Which of the following tools would BEST test the effectiveness of the wireless
IDS solutions?

  1. Aircrack-ng
  2. Wireshark
  3. Wi te
  4. Kismet

Answer(s): A


Reference:

https://purplesec.us/perform-wireless-penetration-test/



A penetration tester gains access to a system and establishes persistence, and then runs the following commands: cat /dev/null > temp touch `"r .bash_history temp mv temp .bash_history
Which of the following actions is the tester MOST likely performing?

  1. Redirecting Bash history to /dev/null
  2. Making a copy of the user's Bash history for further enumeration
  3. Covering tracks by clearing the Bash history
  4. Making decoy les on the system to confuse incident responders

Answer(s): C


Reference:

https://null-byte.wonderhowto.com/how-to/clear-logs-bash-history-hacked-linux-systems-cover-your-tracks-remain-undetected-0244768/



Which of the following web-application security risks are part of the OWASP Top 10 v2017? (Choose two.)

  1. Buffer over ows
  2. Cross-site scripting
  3. Race-condition attacks
  4. Zero-day attacks
  5. Injection aws
  6. Ransomware attacks

Answer(s): A,B


Reference:

https://owasp.org/www-pdf-archive/OWASP_Top_10_2017_RC2_Final.pdf



Share your comments for CompTIA PT1-002 exam with other users:

D
Dinesh
8/1/2023 2:26:00 PM

could you please upload sap c_arsor_2302 questions? it will be very much helpful.

L
LBert
6/19/2023 10:23:00 AM

vraag 20c: rsa veilig voor symmtrische cryptografie? antwoord c is toch fout. rsa is voor asymmetrische cryptogafie??

G
g
12/22/2023 1:51:00 PM

so far good

M
Milos
8/4/2023 9:33:00 AM

question 31 has obviously wrong answers. tls and ssl are used to encrypt data at transit, not at rest.

D
Diksha
9/25/2023 2:32:00 AM

pls provide dump for 1z0-1080-23 planning exams

H
H
7/17/2023 4:28:00 AM

could you please upload the exam?

A
Anonymous
9/14/2023 4:47:00 AM

please upload this

N
Naveena
1/13/2024 9:55:00 AM

good material

W
WildWilly
1/19/2024 10:43:00 AM

lets see if this is good stuff...

L
Lavanya
11/2/2023 1:53:00 AM

useful information

M
Moussa
12/12/2023 5:52:00 AM

intéressant

M
Madan
6/22/2023 9:22:00 AM

thank you for making the interactive questions

V
Vavz
11/2/2023 6:51:00 AM

questions are accurate

S
Su
11/23/2023 4:34:00 AM

i need questions/dumps for this exam.

L
LuvSN
7/16/2023 11:19:00 AM

i need this exam, when will it be uploaded

M
Mihai
7/19/2023 12:03:00 PM

i need the dumps !

W
Wafa
11/13/2023 3:06:00 AM

very helpful

A
Alokit
7/3/2023 2:13:00 PM

good source

S
Show-Stopper
7/27/2022 11:19:00 PM

my 3rd test and passed on first try. hats off to this brain dumps site.

M
Michelle
6/23/2023 4:06:00 AM

please upload it

L
Lele
11/20/2023 11:55:00 AM

does anybody know if are these real exam questions?

G
Girish Jain
10/9/2023 12:01:00 PM

are these questions similar to actual questions in the exam? because they seem to be too easy

P
Phil
12/8/2022 11:16:00 PM

i have a lot of experience but what comes in the exam is totally different from the practical day to day tasks. so i thought i would rather rely on these brain dumps rather failing the exam.

B
BV
6/8/2023 4:35:00 AM

good questions

K
krishna
12/19/2023 2:05:00 AM

valied exam dumps. they were very helpful and i got a pretty good score. i am very grateful for this service and exam questions

P
Pie
9/3/2023 4:56:00 AM

will it help?

L
Lucio
10/6/2023 1:45:00 PM

very useful to verify knowledge before exam

A
Ajay
5/17/2023 4:54:00 AM

good stuffs

T
TestPD1
8/10/2023 12:19:00 PM

question 17 : responses arent b and c ?

N
Nhlanhla
12/13/2023 5:26:00 AM

just passed the exam on my first try using these dumps.

R
Rizwan
1/6/2024 2:18:00 AM

very helpful

Y
Yady
5/24/2023 10:40:00 PM

these questions look good.

K
Kettie
10/12/2023 1:18:00 AM

this is very helpful content

S
SB
7/21/2023 3:18:00 AM

please provide the dumps

AI Tutor 👋 I’m here to help!