PT0-001 Online Practice Questions and Answers

Which of the following commands starts the Metasploit database?

A. msfconsole

B. workspace

C. msfvenom

D. db_init

E. db_connect

A consultant wants to scan all the TCP ports on an identified device. Which of the following Nmap switches will complete this task?

A. -p-

B. -p ALX,

C. -p 1-65534

D. -port 1-65534

A penetration tester has compromised a Windows server and is attempting to achieve persistence. Which of the following would achieve that goal?

A. schtasks.exe /create/tr "powershell.exe" Sv.ps1 /run

B. net session server | dsquery -user | net use c$

C. powershell andand set-executionpolicy unrestricted

D. reg save HKLM\System\CurrentControlSet\Services\Sv.reg

After successfully enumerating users on an Active Directory domain controller using enum4linux a penetration tester wants to conduct a password-guessing attack Given the below output: Which of the following can be used to extract usernames from the above output prior to conducting the attack?

A. cat enum41inux_output.txt > grep -v user I sed `s/\[//' I sed `s/\]//' 2> usernames.txt

B. grep user enuza41inux_output.txt I awk '{print $1}' | cut -d[ -? I cut -d] -f1>; username.txt

C. grep -i rid v< enura.41inux_output. txt' | cut -d: -? i cut -d] -f1>; usernames. txt

D. cut -d: -f2 enum41inux_output.txt | awk '{print S2}' I cut -d: -f1 > usernaraes.txt

When conducting reconnaissance against a target, which of the following should be used to avoid directory communicating with the target?

A. Nmap tool

B. Maltego community edition

C. Nessus vulnerability scanner

D. OpenVAS

E. Melasploit

Joe, an attacker, intends to transfer funds discreetly from a victim's account to his own. Which of the following URLs can he use to accomplish this attack?

A. https://testbank.com/BankingApp/ACH.aspx?CustID=435345andaccountType=Fandaction-ACHTransferandsenderID=654846andnotify=Falseandcreditaccount='OR 1=1 AND select username from testbank.custinfo where username like `Joe'andamount=200

B. https://testbank.com/BankingApp/ACH.aspx?CustID=435345andaccountType=Fandaction-ACHTransferandsenderID=654846andnotify=Falseandcreditaccount='OR 1=1 AND select username from testbank.custinfo where username like `Joe' andamount=200

C. https://testbank.com/BankingApp/ACH.aspx?CustID=435345andaccountType=Fandaction-ACHTransferandsenderID=654846andnotify=Trueandcreditaccount='OR 1=1 AND select username from testbank.custinfo where username like `Joe' andamount=200

D. https://testbank.com/BankingApp/ACH.aspx?CustID=435345andaccountType=Fandaction-ACHTransferandsenderID=654846andnotify=Trueandcreditaccount='AND 1=1 AND select username from testbank.custinfo where username like `Joe' andamount=200

After establishing a shell on a target system, Joe, a penetration tester is aware that his actions have not been detected. He now wants to maintain persistent access to the machine. Which of the following methods would be MOST easily detected?

A. Run a zero-day exploit.

B. Create a new domain user with a known password.

C. Modify a known boot time service to instantiate a call back.

D. Obtain cleartext credentials of the compromised user.

A penetration tester needs to use Nmap to scan a host with a very low speed so the WAF or IPS/IDS is not triggered. Which of the following command-line parameters should be added to the Nmap command?

A. -t 5

B. -sP 10

C. -sV

D. -t 1

Which of the following is the BEST way to deploy vulnerability scanners with many networks segmented by firewalls with active IPS rules?

A. Deploy a single scanner inside each network segment.

B. Deploy many scanners inside one segment and allow any rules.

C. Deploy one internal scanner and one external scanner.

D. Deploy one internal scanner with heavy server resources.

Which of the following describe a susceptibility present in Android-based commercial mobile devices when organizations are not employing MDM services? (Choose two.)

A. Configurations are user-customizable.

B. End users have root access to devices by default.

C. Push notification services require Internet access.

D. Unsigned apps can be installed.

E. The default device log facility does not record system actions.

F. IPSec VPNs are not configurable.