
PT0-002 Online Practice Questions and Answers

Questions 4

A penetration tester completed a vulnerability scan against a web server and identified a single but severe vulnerability.

Which of the following is the BEST way to ensure this is a true positive?

A. Run another scanner to compare.

B. Perform a manual test on the server.

C. Check the results on the scanner.

D. Look for the vulnerability online.

Questions 5

Which of the following types of information should be included when writing the remediation section of a penetration test report to be viewed by the systems administrator and technical staff?

A. A quick description of the vulnerability and a high-level control to fix it

B. Information regarding the business impact if compromised

C. The executive summary and information regarding the testing company

D. The rules of engagement from the assessment

Questions 6

A penetration tester wants to perform reconnaissance without being detected. Which of the following activities have a MINIMAL chance of detection? (Choose two.)

A. Open-source research

B. A ping sweep

C. Traffic sniffing

D. Port knocking

E. A vulnerability scan

F. An Nmap scan

Questions 7

An executive needs to use Wi-Fi to connect to the company's server while traveling. While looking for available Wi-Fi connections, the executive notices an available access point to a hotel chain that is not available where the executive is staying. Which of the following attacks is the executive most likely experiencing?

A. Data modification

B. Amplification

C. Captive portal

D. Evil twin

Questions 8

A software company has hired a penetration tester to perform a penetration test on a database server. The tester has been given a variety of tools used by the company's privacy policy. Which of the following would be the BEST to use to find vulnerabilities on this server?

A. OpenVAS

B. Nikto

C. SQLmap

D. Nessus

Questions 9

A penetration tester is testing input validation on a search form that was discovered on a website. Which of the following characters is the BEST option to test the website for vulnerabilities?

A. Comma

B. Double dash

C. Single quote

D. Semicolon

Questions 10

A Chief Information Security Officer wants a penetration tester to evaluate the security awareness level of the company's employees.

Which of the following tools can help the tester achieve this goal?

A. Metasploit

B. Hydra

C. SET

D. WPScan

Questions 11

A penetration tester was brute forcing an internal web server and ran a command that produced the following output:

However, when the penetration tester tried to browse the URL http://172.16.100.10:3000/profile, a blank page was displayed. Which of the following is the MOST likely reason for the lack of output?

A. The HTTP port is not open on the firewall.

B. The tester did not run sudo before the command.

C. The web server is using HTTPS instead of HTTP.

D. This URI returned a server error.

Questions 12

Which of the following elements of a penetration testing report aims to provide a normalized and standardized representation of discovered vulnerabilities and the overall threat they present to an affected system or network?

A. Executive summary

B. Vulnerability severity rating

C. Recommendations of mitigation

D. Methodology

Questions 13

Which of the following best explains why communication is a vital phase of a penetration test?

A. To discuss situational awareness

B. To build rapport with the emergency contact

C. To explain the data destruction process

D. To ensure the likelihood of future assessments

Exam Code: PT0-002
Exam Name: CompTIA PenTest+
Last Update: Jun 08, 2026
Questions: 455