To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.
The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Some new sample questions:
Question:
A client claims that a ransomware attack has crippled its corporate network following a penetration test assessment. Which of the following is the most likely root cause of this issue?
A. Client reluctance to accept findings
B. Lack of attestation
C. Incomplete data destruction process
D. Failure to remove tester-created credentials
Question:
A penetration tester is performing a social engineering penetration test and was able to create a remote session. Which of the following social engineering techniques was most likely successful?
A. SMS phishing
B. Dumpster diving
C. Executive impersonation attack
D. Browser exploitation framework
Question:
Which of the following best explains why a penetration tester would use ProxyChains during an assessment?
A. To harvest credentials
B. To use remote access tools
C. To fingerprint the organization
D. To automate protocols
……..
Is this latest? Good passing?
Hi,
Exam PT0-002 is valid now.
You can learn it.
thanks
Some new questions:
Q
A penetration tester was able to gain access to a plaintext file on a user workstation. Upon opening the file, the tester notices some strings of randomly generated text. The tester is able to use these strings to move laterally throughout the network by accessing the fileshare on a web application. Which of the following should the organization do to remediate the issue?
A. Sanitize user input.
B. Implement password management solution.
C. Rotate keys.
D. Utilize certificate management.
Q
A penetration tester is attempting to perform reconnaissance on a customer’s external-facing footprint and reviews a summary of the fingerprinting scans:
SSH servers: 23
NTP servers: 4
Rsync servers: 5
LDAP servers: 2
Which of the following OSs is the organization most likely using?
A. Mac OS X
B. FreeBSD
C. Microsoft Windows
D. Linux
Q
During an assessment, a penetration tester obtains a list of password digests using Responder. Which of the following tools would the penetration tester most likely use next?
A. Hashcat
B. Hydra
C. CeWL
D. Medusa
Q
A penetration tester managed to get control of an internal web server that is hosting the IT knowledge base. Which of the following attacks should the penetration tester attempt next?
A. Vishing
B. Watering hole
C. Whaling
D. Spear phishing
Q
After obtaining a reverse shell connection, a penetration tester runs the following command: www-data@server!2:sudo -1
User www-data may run the following commands on serverl2: (root) NOPASSWD: /usr/bin/vi
Which of the following is the fastest way to escalate privileges on this server?
A. Editing the file /etc/passwd to add a new user with uid 0
B. Creating a Bash script, saving it on the /tmp folder, and then running it
C. Executing the command sudo vi -c ‘ Jbash’
D. Editing the file/etc/sudoers to allow any command
………………