WGU D484 Penetration Testing from CompTIA PenTest+ practice exam questions and answers Western Governors University

WGU D484 Penetration Testing from CompTIA PenTest+ practice exam questions and answers Western Governors University Check PT0-001 CompTIA PenTest+ Free Dumps Online Congratulations – You have completed PT0-001 V9 exam! Your answers are shown below: 6. A constant wants to scan all the TCP Pots on an identified device. Which of the following Nmap switches will complete this task? ▪ -p- ▪ -p ALX, ▪ -p 1-65534 ▪ -port 1-65534 7. A security consultant is trying to attack a device with a previously identified user account. Which of the following types of attacks is being executed? ▪ Credential dump attack ▪ DLL injection attack ▪ Reverse shell attack ▪ Pass the hash attack 8. The following command is run on a Linux file system: Chmod 4111 /usr/bin/sudo Which of the following issues may be exploited now? ▪ Kernel vulnerabilities ▪ Sticky bits ▪ Unquoted service path ▪ Misconfigured sudo 9. A client is asking a penetration tester to evaluate a new web application for availability. Which of the following types of attacks should the tester use? ▪ TCP SYN flood ▪ SQL injection ▪ xss ▪ XMAS scan 10. During a penetration test, a tester runs a phishing campaign and receives a shell from an internal PC running Windows 10 OS. The tester wants to perform credential harvesting with Mimikatz. Which of the following registry changes would allow for credential caching in memory? ▪ reg add HKLMSystemControlSet002ControlSecurityProvidersWDigest /v userLogoCredential /t REG_DWORD /d 0 ▪ reg add HKCUSystemCurrentControlSetControlSecurityProvidersWDigest /v userLogoCredential /t REG_DWORD /d 1 ▪ reg add HKLMSoftwareCurrentControlSetControlSecurityProvidersWDigest /v userLogoCredential /t REG_DWORD /d 1 ▪ reg add HKLMSystemCurrentControlSetControlSecurityProvidersWDigest /v userLogoCredential /t REG_DWORD /d 1 11. In which of the following components is an exploited vulnerability MOST likely to affect multiple running application containers at once? ▪ Common libraries ▪ Configuration files ▪ Sandbox escape ▪ ASLR bypass 12. Which of the following would be BEST for performing passive reconnaissance on a target’s external domain?