PT0-002 Free Practice Test

An Nmap scan shows open ports on web servers and databases. A penetration tester decides to run WPScan and SQLmap to identify vulnerabilities and additional information about those systems.
Which of the following is the penetration tester trying to accomplish?

1. A. Uncover potential criminal activity based on the evidence gathered.
2. B. Identify all the vulnerabilities in the environment.
3. C. Limit invasiveness based on scope.
4. D. Maintain confidentiality of the findings.

Correct Answer: C

When planning a penetration-testing effort, clearly expressing the rules surrounding the optimal time of day for test execution is important because:

1. A. security compliance regulations or laws may be violated.
2. B. testing can make detecting actual APT more challenging.
3. C. testing adds to the workload of defensive cyber- and threat-hunting teams.
4. D. business and network operations may be impacted.

Correct Answer: D

In the process of active service enumeration, a penetration tester identifies an SMTP daemon running on one of the target company’s servers. Which of the following actions would BEST enable the tester to perform
phishing in a later stage of the assessment?

1. A. Test for RFC-defined protocol conformance.
2. B. Attempt to brute force authentication to the service.
3. C. Perform a reverse DNS query and match to the service banner.
4. D. Check for an open relay configuration.

Correct Answer: D
SMTP is a protocol associated with mail servers. Therefore, for a penetration tester, an open relay configuration can be exploited to launch phishing attacks.

Which of the following types of information would MOST likely be included in an application security assessment report addressed to developers? (Choose two.)

1. A. Use of non-optimized sort functions
2. B. Poor input sanitization
3. C. Null pointer dereferences
4. D. Non-compliance with code style guide
5. E. Use of deprecated Javadoc tags
6. F. A cydomatic complexity score of 3

Correct Answer: BC

Which of the following should a penetration tester consider FIRST when engaging in a penetration test in a cloud environment?

1. A. Whether the cloud service provider allows the penetration tester to test the environment
2. B. Whether the specific cloud services are being used by the application
3. C. The geographical location where the cloud services are running
4. D. Whether the country where the cloud service is based has any impeding laws

Correct Answer: A