PT0-002 Free Practice Test

Which of the following commands will allow a penetration tester to permit a shell script to be executed by the file owner?

1. A. chmod u+x script.sh
2. B. chmod u+e script.sh
3. C. chmod o+e script.sh
4. D. chmod o+x script.sh

Correct Answer: A

A penetration tester wants to perform reconnaissance without being detected. Which of the following activities have a MINIMAL chance of detection? (Choose two.)

1. A. Open-source research
2. B. A ping sweep
3. C. Traffic sniffing
4. D. Port knocking
5. E. A vulnerability scan
6. F. An Nmap scan

Correct Answer: AC

A penetration tester was contracted to test a proprietary application for buffer overflow vulnerabilities. Which of the following tools would be BEST suited for this task?

1. A. GDB
2. B. Burp Suite
3. C. SearchSpliot
4. D. Netcat

Correct Answer: A

Which of the following tools provides Python classes for interacting with network protocols?

1. A. Responder
2. B. Impacket
3. C. Empire
4. D. PowerSploit

Correct Answer: B

A security company has been contracted to perform a scoped insider-threat assessment to try to gain access to the human resources server that houses PII and salary data. The penetration testers have been given an internal network starting position.
Which of the following actions, if performed, would be ethical within the scope of the assessment?

1. A. Exploiting a configuration weakness in the SQL database
2. B. Intercepting outbound TLS traffic
3. C. Gaining access to hosts by injecting malware into the enterprise-wide update server
4. D. Leveraging a vulnerability on the internal CA to issue fraudulent client certificates
5. E. Establishing and maintaining persistence on the domain controller

Correct Answer: B