CertsTopics Logo

New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

CompTIA PT0-001 Online Access

Page: 5 / 11
Total 294 questions
Get PT0-001 Full Access Download PT0-001 PDF

CompTIA PenTest+ Exam Questions and Answers

Question 17

A penetration tester attempts to perform a UDP port scan against a remote target using an Nmap tool installed onto a non-Kali Linux image. For some reason, the UDP scan falls to start. Which of the following would MOST likely help to resolve the issue?

Options:

A.

Install the latest version of the tool.

B.

Review local iptables for existing drop rules.

C.

Relaunch the tool with elevated privileges.

D.

Enable both IPv4 and IPv6 forwarding.

Question 18

A penetration tester was able to retrieve the initial VPN user domain credentials by phishing a member of the IT department. Afterward, the penetration tester obtained hashes over the VPN and easily cracked them using a dictionary attack Which of the following remediation steps should be recommended? (Select THREE)

Options:

A.

Mandate all employees take security awareness training

B.

Implement two-factor authentication for remote access

C.

Install an intrusion prevention system

D.

Increase password complexity requirements

E.

Install a security information event monitoring solution.

F.

Prevent members of the IT department from interactively logging in as administrators

G.

Upgrade the cipher suite used for the VPN solution

Question 19

A company’s corporate policies state that employees are able to scan any global network as long as it is done within working hours. Government laws prohibit unauthorized scanning. Which of the following should an employee abide by?

Options:

A.

Company policies must be followed in this situation

B.

Laws supersede corporate policies

C.

Industry standards receding scanning should be followed

D.

The employee must obtain written approval from the company's Chief Information Security Officer (ClSO) prior to scanning

Question 20

A penetration tester identifies the following findings during an external vulnerability scan:

Which of the following attack strategies should be prioritized from the scan results above?

Options:

A.

Obsolete software may contain exploitable components

B.

Weak password management practices may be employed

C.

Cryptographically weak protocols may be intercepted

D.

Web server configurations may reveal sensitive information

Page: 5 / 11
Total 294 questions
Get PT0-001 Full Access Download PT0-001 PDF