PT0-002 exam

The following line-numbered Python code snippet is being used in reconnaissance: Which of the following line numbers from the script MOST likely contributed to the script triggering a “probable port scan” alert in the organization’s IDS?A . Line 01 B. Line 02 C. Line 07 D. Line 08View AnswerAnswer: D

HOTSPOT You are a security analyst tasked with hardening a web server. You have been given a list of HTTP payloads that were flagged as malicious. INSTRUCTIONS Given the following attack signatures, determine the attack type, and then identify the associated remediation to prevent the attack in the future. If...

A penetration tester recently completed a review of the security of a core network device within a corporate environment. The key findings are as follows: • The following request was intercepted going to the network device: GET /login HTTP/1.1 Host: 10.50.100.16 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0 Accept-Language:...

A company recruited a penetration tester to configure wireless IDS over the network. Which of the following tools would BEST test the effectiveness of the wireless IDS solutions?A . Aircrack-ng B. Wireshark C. Wifite D. KismetView AnswerAnswer: A Explanation: Reference: https://purplesec.us/perform-wireless-penetration-test/

A Chief Information Security Officer wants a penetration tester to evaluate whether a recently installed firewall is protecting a subnetwork on which many decades- old legacy systems are connected. The penetration tester decides to run an OS discovery and a full port scan to identify all the systems and any...

HOTSPOT You are a security analyst tasked with hardening a web server. You have been given a list of HTTP payloads that were flagged as malicious. INSTRUCTIONS Given the following attack signatures, determine the attack type, and then identify the associated remediation to prevent the attack in the future. If...

A compliance-based penetration test is primarily concerned with:A . obtaining Pll from the protected network. B. bypassing protection on edge devices. C. determining the efficacy of a specific set of security standards. D. obtaining specific information from the protected network.View AnswerAnswer: C

HOTSPOT You are a security analyst tasked with hardening a web server. You have been given a list of HTTP payloads that were flagged as malicious. INSTRUCTIONS Given the following attack signatures, determine the attack type, and then identify the associated remediation to prevent the attack in the future. If...

Which of the following provides a matrix of common tactics and techniques used by attackers along with recommended mitigations?A . NIST SP 800-53 B. OWASP Top 10 C. MITRE ATT&CK framework D. PTES technical guidelinesView AnswerAnswer: C Explanation: Reference: https://digitalguardian.com/blog/what-mitre-attck-framework

A penetration tester performs the following command: curl CI Chttp2 https://www.comptia.org Which of the following snippets of output will the tester MOST likely receive? A . Option A B. Option B C. Option C D. Option DView AnswerAnswer: A Explanation: Reference: https://research.securitum.com/http-2-protocol-it-is-faster-but-is-it-also-safer/