Online Access Free PT0-001 Practice Test

A penetration tester ran an Nmap scan against a target and received the following output:

Which of the following commands would be best for the penetration tester to execute NEXT to discover any weaknesses or vulnerabilities?

• A.enum4linux -w 192.168.121.1
• B.snmpwalk -c public 192.168.121.1
• C.onesixtyone -d 192.168.121.1
• D.medusa -h 192.168.121.1 -U users.txt -P passwords.txt -M ssh

A penetration tester runs a script that queries the domain controller for user service principal names. Which of the following techniques is MOST likely being attempted?

• A.Cleartext credentials in LDAP
• B.Cpassword
• C.Kerberoasting
• D.LSASS credential extraction

A client needs to be PCI compliant and has external-facing web servers. Which of the following CVSS vulnerability scores would automatically bring the client out of compliance standards such as PCI 3.x?

• A.2.9
• B.3.0
• C.4.0
• D.5.9

A penetration testet is attempting to capture a handshake between a client and an access point by monitoring a WPA2-PSK secured wireless network The (ester is monitoring the correct channel tor the identified network but has been unsuccessful in capturing a handshake Given this scenario, which of the following attacks would BEST assist the tester in obtaining this handshake?

• A.Karma attack
• B.Deauthentication attack
• C.Fragmentation attack
• D.SSID broadcast flood

A consultant is performing a social engineering attack against a client. The consultant was able to collect a number of usernames and passwords using a phishing campaign. The consultant is given credentials to log on to various employees email accounts. Given the findings, which of the following should the consultant recommend be implemented?

• A.Two-factor authentication
• B.Strong password policy
• C.Password encryption
• D.Email system hardening