Free PT0-002 Exam Braindumps

A penetration tester ran a ping –A command during an unknown environment test, and it returned a 128 TTL packet. Which of the following OSs would MOST likely return a packet of this type?

1. A. Windows
2. B. Apple
3. C. Linux
4. D. Android

Correct Answer: A

A penetration tester is assessing a wireless network. Although monitoring the correct channel and SSID, the tester is unable to capture a handshake between the clients and the AP. Which of the following attacks is the MOST effective to allow the penetration tester to capture a handshake?

1. A. Key reinstallation
2. B. Deauthentication
3. C. Evil twin
4. D. Replay

Correct Answer: B
Deauth will make the client connect again

A large client wants a penetration tester to scan for devices within its network that are Internet facing. The client is specifically looking for Cisco devices with no authentication requirements. Which of the following settings in Shodan would meet the client’s requirements?

1. A. “cisco-ios” “admin+1234”
2. B. “cisco-ios” “no-password”
3. C. “cisco-ios” “default-passwords”
4. D. “cisco-ios” “last-modified”

Correct Answer: B

The results of an Nmap scan are as follows:
Starting Nmap 7.80 ( https://nmap.org ) at 2021-01-24 01:10 EST
Nmap scan report for ( 10.2.1.22 ) Host is up (0.0102s latency).
Not shown: 998 filtered ports Port State Service
80/tcp open http
|_http-title: 80F 22% RH 1009.1MB (text/html)
|_http-slowloris-check:
| VULNERABLE:
| Slowloris DoS Attack
| <..>
Device type: bridge|general purpose
Running (JUST GUESSING) : QEMU (95%)
OS CPE: cpe:/a:qemu:qemu
No exact OS matches found for host (test conditions non-ideal).
OS detection performed. Please report any incorrect results at https://nmap.org/submit/. Nmap done: 1 IP address (1 host up) scanned in 107.45 seconds
Which of the following device types will MOST likely have a similar response? (Choose two.)

1. A. Network device
2. B. Public-facing web server
3. C. Active Directory domain controller
4. D. IoT/embedded device
5. E. Exposed RDP
6. F. Print queue

Correct Answer: BD
https://www.netscout.com/what-is-ddos/slowloris-attacks
From the http-title in the output, this looks like an IoT device with RH implying Relative Humidity, that offers a web-based interface for visualizing the results.

A new security firm is onboarding its first client. The client only allowed testing over the weekend and needed the results Monday morning. However, the assessment team was not able to access the environment as expected until Monday. Which of the following should the security company have acquired BEFORE the start of the assessment?

1. A. A signed statement of work
2. B. The correct user accounts and associated passwords
3. C. The expected time frame of the assessment
4. D. The proper emergency contacts for the client

Correct Answer: D