[2021.1] Free CompTIA PT0-001 exam practice test and latest updates PT0-001 dumps from Lead4pass

Posted on By admin

Newly shared CompTIA PT0-001 exam learning preparation program! Get the latest PT0-001 exam exercise questions and exam dumps pdf for free! 100% pass the exam to select
the full CompTIA PT0-001 dumps: https://www.leads4pass.com/pt0-001.html the link to get VCE or PDF. All exam questions are updated!

Lead4pass offers the latest CompTIA PT0-001 PDF Google Drive

[Latest updates] Free CompTIA PT0-001 dumps pdf download from Google Drive: https://drive.google.com/file/d/11bPIY6jonEfvcjgCaEidIg2yWWKdN3pX/

Examsall Exam Table of Contents:

latest updated CompTIA PT0-001 exam questions and answers

QUESTION 1
Which of the following tools would a penetration tester leverage to conduct OSINT? (Select TWO).
A. Shodan
B. SET
C. BeEF
D. Wireshark
E. Maltego
F. Dynamo
Correct Answer: AE
References: https://resources.infosecinstitute.com/top-five-open-source-intelligence-osint-tools/#gref

QUESTION 2
Which of the following is an example of a spear-phishing attack?
A. Targeting an executive with an SMS attack
B. Targeting a specific team with an email attack
C. Targeting random users with a USB key drop
D. Targeting an organization with a watering hole attack
Correct Answer: A
Reference: https://www.comparitech.com/blog/information-security/spear-phishing/

QUESTION 3
During the information gathering phase of a network penetration test for the corp.local domain, which of the following
commands would provide a list of domain controllers?
A. nslookup -type=srv _ldap._tcp.dc._msdcs.corp.local
B. nmap -sV -p 389 – -script=ldap-rootdse corp.local
C. net group “Domain Controllers” /domain
D. gpresult /d corp.local /r “Domain Controllers”
Correct Answer: A

QUESTION 4
An attacker uses SET to make a copy of a company\\’s cloud-hosted webmail portal and sends an email m to obtain the
CEO s login credentials Which of the following types of attacks is this an example of?
A. Elicitation attack
B. Impersonation attack
C. Spear phishing attack
D. Drive-by download attack
Correct Answer: A
Reference: https://www.social-engineer.org/framework/influencing-others/elicitation/

QUESTION 5
An assessor begins an internal security test of the Windows domain internal.comptia.net. The assessor is given network
access via DHCP but is not given any network maps or target IP addresses. Which of the following commands can the
assessor use to find any likely Windows domain controllers?
A. dig -q any _kerberos._tcp.internal.comptia.net
B. dig -q any _lanman._tcp.internal.comptia.net
C. dig -q any _ntlm._tcp.internal.comptia.net
D. dig -q any _smtp._tcp.internal.comptia.net
Correct Answer: A

QUESTION 6
A penetration tester has successfully deployed an evil twin and is starting to see some victim traffic. The next step the
penetration tester wants to take is to capture all the victim web traffic unencrypted. Which of the following would BEST
meet this goal?
A. Perform an HTTP downgrade attack.
B. Harvest the user credentials to decrypt traffic.
C. Perform a MITM attack.
D. Implement a CA attack by impersonating trusted CAs.
Correct Answer: A

QUESTION 7
A consultant is performing a social engineering attack against a client. The consultant was able to collect a number of
usernames and passwords using a phishing campaign. The consultant is given credentials to log on to various employees’ email accounts. Given the findings, which of the following should the consultant recommend be
implemented?
A. Strong password policy
B. Password encryption
C. Email system hardening
D. Two-factor authentication
Correct Answer: D

QUESTION 8
During an internal penetration test, several multicasts and broadcast name resolution requests are observed traversing
the network. Which of the following tools could be used to impersonate network resources and collect authentication
requests?
A. Ettercap
B. Tcpdump
C. Responder
D. Medusa
Correct Answer: C

QUESTION 9
DRAG DROP
Instructions:
Analyze the code segments to determine which sections are needed to complete a port scanning script.
Drag the appropriate elements into the correct locations to complete the script.
If at any time you would like to bring back the initial state of the simulation, please click the reset all button.
During a penetration test, you gain access to a system with a limited user interface. This machine appears to have
access to an isolated network that you would like to port scan.
Select and Place:[2021.1] lead4pass pt0-001 exam questions q9

Correct Answer:

[2021.1] lead4pass pt0-001 exam questions q9-1 [2021.1] lead4pass pt0-001 exam questions q9-2

QUESTION 10
A penetration tester is performing ARP spoofing against a switch. Which of the following should the penetration tester
spoof to get the MOST information?
A. MAC address of the client
B. MAC address of the domain controller
C. MAC address of the webserver
D. MAC address of the gateway
Correct Answer: D

QUESTION 11
Which of the following vulnerabilities is MOST likely to be false positives when reported by an automated scanner on a
static HTML web page? (Choose two.)
A. Missing secure flag for a sensitive cookie
B. Reflected cross-site scripting
C. Enabled directory listing
D. Insecure HTTP methods allowed
E. Unencrypted transfer of sensitive data
F. Command injection
G. Disclosure of internal system information
H. Support of weak cipher suites
Correct Answer: FG

QUESTION 12
In a physical penetration testing scenario, the penetration tester obtains physical access to a laptop following potential
NEXT step to extract credentials from the device?
A. Brute force the user\\’s password.
B. Perform an ARP spoofing attack.
C. Leverage the BeEF framework to capture credentials.
D. Conduct LLMNR/NETBIOS-ns poisoning.
Correct Answer: A

QUESTION 13
A penetration tester is performing a code review. Which of the following testing techniques is being performed?
A. Dynamic analysis
B. Fuzzing analysis
C. Static analysis
D. Run-time analysis
Correct Answer: C
Reference: https://smartbear.com/learn/code-review/what-is-code-review/

Lead4Pass CompTIA Discount code 2021

Lead4pass shares the latest CompTIA exam Discount code “CompTIA“. Enter the Discount code to get a 15% Discount!

About lead4pass

Lead4Pass has 8 years of exam experience! A number of professional CompTIA exam experts! Update exam questions throughout the year! The most complete exam questions and answers! The safest buying experience! The greatest free sharing of exam practice questions and answers!
Our goal is to help more people pass the CompTIA exam! Exams are a part of life, but they are important!
In the study, you need to sum up the study! Trust Lead4Pass to help you pass the exam 100%!
about lead4pass

Summarize:

Examsall free to share CompTIA PT0-001 exam exercise questions, PT0-001 pdf, PT0-001 exam video! Lead4pass updated exam questions and answers throughout the year!
Make sure you pass the exam successfully. Select lead4Pass PT0-001 to pass CompTIA PT0-001 exam “CompTIA PenTest+ Exam certification dumps“.

ps.

Latest update Lead4pass PT0-001 exam dumps: https://www.leads4pass.com/pt0-001.html (202 Q&As)

[Latest updates] Free CompTIA PT0-001 Dumps pdf download from Google Drive: https://drive.google.com/file/d/11bPIY6jonEfvcjgCaEidIg2yWWKdN3pX/

CompTIA, CompTIA PenTest+, comptia pentest+ practice tests exam pt0-001, comptia pentest+ pt0-001 cert guide pdf, CompTIA PT0-001, CompTIA PT0-001 discount code, comptia pt0-001 dumps, CompTIA PT0-001 exam questions, pt0-001 CompTIA PenTest+ Exam Tags:, , , , ,