Comptia braindumps2go pt0-002 Leak Questions by Omer q202 vce pdf

Page: 20 / 29

Exam Name:	CompTIA PenTest+ Certification Exam
Exam Code:	PT0-002 Dumps
Vendor:	CompTIA	Certification:	PenTest+
Questions:	400 Q&A's	Shared By:	omer

Question 80

A company uses a cloud provider with shared network bandwidth to host a web application on dedicated servers. The company's contact with the cloud provider prevents any activities that would interfere with the cloud provider's other customers. When engaging with a penetration-testing company to test the application, which of the following should the company avoid?

Options:

Crawling the web application's URLs looking for vulnerabilities

Fingerprinting all the IP addresses of the application's servers

Brute forcing the application's passwords

Sending many web requests per second to test DDoS protection

Discussion

Question 81

A company obtained permission for a vulnerability scan from its cloud service provider and now wants to test the security of its hosted data.

Which of the following should the tester verify FIRST to assess this risk?

Options:

Whether sensitive client data is publicly accessible

Whether the connection between the cloud and the client is secure

Whether the client's employees are trained properly to use the platform

Whether the cloud applications were developed using a secure SDLC

Discussion

Teddie

yes, I passed my exam with wonderful score, Accurate and valid dumps.

Isla-Rose (not set)

Absolutely! The questions in the dumps were almost identical to the ones that appeared in the actual exam. I was able to answer almost all of them correctly.

Melody

My experience with Cramkey was great! I was surprised to see that many of the questions in my exam appeared in the Cramkey dumps.

Colby (not set)

Yes, In fact, I got a score of above 85%. And I attribute a lot of my success to Cramkey's dumps.

Anaya

I found so many of the same questions on the real exam that I had already seen in the Cramkey Dumps. Thank you so much for making exam so easy for me. I passed it successfully!!!

Nina (not set)

It's true! I felt so much more confident going into the exam because I had already seen and understood the questions.

Ari

Can anyone explain what are these exam dumps and how are they?

Ocean (not set)

They're exam preparation materials that are designed to help you prepare for various certification exams. They provide you with up-to-date and accurate information to help you pass your exams.

Question 82

A penetration tester obtained the following results after scanning a web server using the dirb utility:

...

GENERATED WORDS: 4612

---- Scanning URL: http://10.2.10.13/ ----

+ http://10.2.10.13/about (CODE:200|SIZE:1520)

+ http://10.2.10.13/home.html (CODE:200|SIZE:214)

+ http://10.2.10.13/index.html (CODE:200|SIZE:214)

+ http://10.2.10.13/info (CODE:200|SIZE:214)

...

DOWNLOADED: 4612 – FOUND: 4

Which of the following elements is MOST likely to contain useful information for the penetration tester?

Options:

index.html

about

info

home.html

Discussion

Question 83

A penetration tester wants to identify CVEs that can be leveraged to gain execution on a Linux server that has an SSHD running. Which of the following would BEST support this task?

Options:

Run nmap with the –o, -p22, and –sC options set against the target

Run nmap with the –sV and –p22 options set against the target

Run nmap with the --script vulners option set against the target

Run nmap with the –sA option set against the target