PT0-002 Free Practice Test

A security professional wants to test an IoT device by sending an invalid packet to a proprietary service listening on TCP port 3011. Which of the following would allow the security professional to easily and programmatically manipulate the TCP header length and checksum using arbitrary numbers and to observe how the proprietary service responds?

1. A. Nmap
2. B. tcpdump
3. C. Scapy
4. D. hping3

Correct Answer: C
https://0xbharath.github.io/art-of-packet-crafting-with-scapy/scapy/creating_packets/index.html https://scapy.readthedocs.io/en/latest/introduction.html#about-scapy

A penetration tester recently completed a review of the security of a core network device within a corporate environment. The key findings are as follows:
• The following request was intercepted going to the network device: GET /login HTTP/1.1
Host: 10.50.100.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0 Accept-Language: en-US,en;q=0.5
Connection: keep-alive
Authorization: Basic WU9VUilOQU1FOnNlY3JldHBhc3N3b3jk
• Network management interfaces are available on the production network.
• An Nmap scan returned the following:

Which of the following would be BEST to add to the recommendations section of the final report? (Choose two.)

1. A. Enforce enhanced password complexity requirements.
2. B. Disable or upgrade SSH daemon.
3. C. Disable HTTP/301 redirect configuration.
4. D. Create an out-of-band network for management.
5. E. Implement a better method for authentication.
6. F. Eliminate network management and control interfaces.

Correct Answer: CD

A security analyst needs to perform an on-path attack on BLE smart devices. Which of the following tools would be BEST suited to accomplish this task?

1. A. Wireshark
2. B. Gattacker
3. C. tcpdump
4. D. Netcat

Correct Answer: B
The best tool for performing an on-path attack on BLE smart devices is Gattacker. Gattacker is a Bluetooth Low Energy (BLE) pentesting and fuzzing framework specifically designed for on-path attacks. It allows security analysts to perform a variety of tasks, including man-in-the-middle attacks, passive and active scans, fuzzing of BLE services, and more. Gattacker also provides an interactive command-line interface that makes it easy to interact with the target BLE device and execute various commands.

A company is concerned that its cloud service provider is not adequately protecting the VMs housing its software development. The VMs are housed in a datacenter with other companies sharing physical resources. Which of the following attack types is MOST concerning to the company?

1. A. Data flooding
2. B. Session riding
3. C. Cybersquatting
4. D. Side channel

Correct Answer: D
https://www.techtarget.com/searchsecurity/definition/side-channel-attack#:~:text=Side-channel attacks%

A penetration tester is explaining the MITRE ATT&CK framework to a company’s chief legal counsel. Which of the following would the tester MOST likely describe as a benefit of the framework?

1. A. Understanding the tactics of a security intrusion can help disrupt them.
2. B. Scripts that are part of the framework can be imported directly into SIEM tools.
3. C. The methodology can be used to estimate the cost of an incident better.
4. D. The framework is static and ensures stability of a security program overtime.

Correct Answer: A