PT0-002 exam

The attacking machine is on the same LAN segment as the target host during an internal penetration test. Which of the following commands will BEST enable the attacker to conduct host delivery and write the discovery to files without returning results of the attack machine?A . nmap snn exclude 10.1.1.15...

A penetration tester gains access to a system and establishes persistence, and then runs the following commands: cat /dev/null > temp touch Cr .bash_history temp mv temp .bash_history Which of the following actions is the tester MOST likely performing?A . Redirecting Bash history to /dev/null B. Making a copy of...

A penetration tester attempted a DNS poisoning attack. After the attempt, no traffic was seen from the target machine. Which of the following MOST likely caused the attack to fail?A . The injection was too slow. B. The DNS information was incorrect. C. The DNS cache was not refreshed. D....

A penetration tester writes the following script: Which of the following is the tester performing?A . Searching for service vulnerabilities B. Trying to recover a lost bind shell C. Building a reverse shell listening on specified ports D. Scanning a network for specific open portsView AnswerAnswer: D Explanation: -z zero-I/O...

A penetration tester gives the following command to a systems administrator to execute on one of the target servers: rm -f /var/www/html/G679h32gYu.php Which of the following BEST explains why the penetration tester wants this command executed?A . To trick the systems administrator into installing a rootkit B. To close down...

A customer adds a requirement to the scope of a penetration test that states activities can only occur during normal business hours. Which of the following BEST describes why this would be necessary?A . To meet PCI DSS testing requirements B. For testing of the customer's SLA with the ISP...

A penetration tester has been given eight business hours to gain access to a client’s financial system. Which of the following techniques will have the highest likelihood of success?A . Attempting to tailgate an employee going into the client's workplace B. Dropping a malicious USB key with the company’s logo...

After gaining access to a previous system, a penetration tester runs an Nmap scan against a network with the following results: The tester then runs the following command from the previous exploited system, which fails: Which of the following explains the reason why the command failed?A . The tester input...

A penetration tester is scanning a corporate lab network for potentially vulnerable services. Which of the following Nmap commands will return vulnerable ports that might be interesting to a potential attacker?A . nmap192.168.1.1-5CPU22-25,80 B. nmap192.168.1.1-5CPA22-25,80 C. nmap192.168.1.1-5CPS22-25,80 D. nmap192.168.1.1-5CSs22-25,80View AnswerAnswer: C Explanation: PS/PA/PU/PY are host discovery flags which use TCP...

A company has hired a penetration tester to deploy and set up a rogue access point on the network. Which of the following is the BEST tool to use to accomplish this goal?A . Wireshark B. Aircrack-ng C. Kismet D. WifiteView AnswerAnswer: B Explanation: Reference: https://null-byte.wonderhowto.com/how-to/hack-wi-fi-stealing-wi-fi-passwords-with-evil-twin-attack-0183880/ https://thecybersecurityman.com/2018/08/11/creating-an-evil-twin-or-fake-access-point-using-aircrack-ng-and-dnsmasq-part-2-the-attack/