Which of the following would be a recommendation for remediation?

A penetration tester conducted a vulnerability scan against a client’s critical servers and found the following: Which of the following would be a recommendation for remediation?
A. Deploy a user training program
B. Implement a patch management plan
C. Utilize the secure software development life cycle
D. Configure access controls...

July 12, 2021

Which of the following would be the BEST recommendation to prevent this type of activity in the future?

A penetration tester discovers during a recent test that an employee in the accounting department has been making changes to a payment system and redirecting money into a personal bank account. The penetration test was immediately stopped. Which of the following would be the BEST recommendation to prevent this type...

July 12, 2021

When preparing for an engagement with an enterprise organization, which of the following is one of the MOST important items to develop fully prior to beginning the penetration testing activities?

When preparing for an engagement with an enterprise organization, which of the following is one of the MOST important items to develop fully prior to beginning the penetration testing activities?
A. Clarify the statement of work.
B. Obtain an asset inventory from the client.
C. Interview all stakeholders.
D. Identify...

July 11, 2021

Which of the following techniques would BEST support this objective?

A penetration tester has obtained root access to a Linux-based file server and would like to maintain persistence after reboot. Which of the following techniques would BEST support this objective?
A. Create a one-shot systemd service to establish a reverse shell.
B. Obtain /etc/shadow and brute force the root password.
C...

July 11, 2021

Which of the following should a penetration tester do NEXT after identifying that an application being tested has already been compromised with malware?

Which of the following should a penetration tester do NEXT after identifying that an application being tested has already been compromised with malware?
A. Analyze the malware to see what it does.
B. Collect the proper evidence and then remove the malware.
C. Do a root-cause analysis to find out...

July 10, 2021

Which of the following would be BEST to add to the recommendations section of the final report?

A penetration tester recently completed a review of the security of a core network device within a corporate environment. The key findings are as follows:
• The following request was intercepted going to the network device:
GET /login HTTP/1.1
Host: 10.50.100.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0
Accept-Language:...

July 10, 2021