PT0-001 Free Practice Test

HOTSPOT
You are a security analyst tasked with hardening a web server.
You have been given a list of HTTP payloads that were flagged as malicious.


Solution:


Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A

Which of the following BEST explains why it is important to maintain confidentiality of any identified findings when performing a penetration test?

1. A. Penetration test findings often contain company intellectual property
2. B. Penetration test findings could lead to consumer dissatisfaction if made pubic
3. C. Penetration test findings are legal documents containing privileged information
4. D. Penetration test findings can assist an attacker in compromising a system

Correct Answer: C

A penetration testet is attempting to capture a handshake between a client and an access point by monitoring a WPA2-PSK secured wireless network The (ester is monitoring the correct channel tor the identified network but has been unsuccessful in capturing a handshake Given this scenario, which of the following attacks would BEST assist the tester in obtaining this handshake?

1. A. Karma attack
2. B. Deauthentication attack
3. C. Fragmentation attack
4. D. SSID broadcast flood

Correct Answer: B

A. penetration tester wants to check manually if a "ghost" vulnerability exists in a system. Which of the following methods is the correct way to validate the vulnerability?

1. A. Option A
2. B. Option B
3. C. Option C
4. D. Option D

Correct Answer: D

A penetration tester is utilizing social media to gather information about employees at a company. The tester has created a list of popular words used in employee profile s. For which of the following types of attack would this information be used?

1. A. Explogt chaining
2. B. Session hijacking
3. C. Dictionary
4. D. Karma

Correct Answer: B