Comptia passguarantee pentest+ Pt0-002 Updated Exam by Mari q51 vce pdf

Page: 25 / 34

Exam Name:	CompTIA PenTest+ Certification Exam
Exam Code:	PT0-002 Dumps
Vendor:	CompTIA	Certification:	PenTest+
Questions:	464 Q&A's	Shared By:	mari

Question 100

A penetration tester developed the following script to be used during an engagement:

#!/usr/bin/python

import socket, sys

ports = [21, 22, 23, 25, 80, 139, 443, 445, 3306, 3389]

if len(sys.argv) > 1:

target = socket.gethostbyname (sys. argv [0])

else:

print ("Few arguments.")

print ("Syntax: python {} ". format (sys. argv [0]))

sys.exit ()

try:

for port in ports:

s = socket. socket (socket. AF_INET, socket. SOCK_STREAM)

s.settimeout (2)

result = s.connect_ex ((target, port) )

if result == 0:

print ("Port {} is opened". format (port) )

except KeyboardInterrupt:

print ("\nExiting ... ")

sys.exit ()

However, when the penetration tester ran the script, the tester received the following message:

socket.gaierror: [Errno -2] Name or service not known

Which of the following changes should the penetration tester implement to fix the script?

Options:

From:

target = socket.gethostbyname (sys. argv [0])

To:

target = socket.gethostbyname (sys.argv[1])

From:

s = socket. socket (socket. AF_INET, socket. SOCK_STREAM)

To:

s = socket.socket (socket.AF_INET, socket. SOCK_DGRAM)

From:

import socket, sys

To:

import socket

import sys

From:

result = s.connect_ex ((target, port) )

To:

result = s.connect ( (target, port) )

Discussion

Addison

Want to tell everybody through this platform that I passed my exam with excellent score. All credit goes to Cramkey Exam Dumps.

Libby Aug 9, 2024

That's good to know. I might check it out for my next IT certification exam. Thanks for the info.

Sarah

Yeah, I was so relieved when I saw that the question appeared in the exam were similar to their exam dumps. It made the exam a lot easier and I felt confident going into it.

Aaliyah Aug 27, 2024

Same here. I've heard mixed reviews about using exam dumps, but for us, it definitely paid off.

Wyatt

Passed my exam… Thank you so much for your excellent Exam Dumps.

Arjun Sep 18, 2024

That sounds really useful. I'll definitely check it out.

Andrew

Are these dumps helpful?

Jeremiah Oct 27, 2024

Yes, Don’t worry!!! I'm confident you'll find them to be just as helpful as I did. Good luck with your exam!

Rosalie

I passed. I would like to tell all students that they should definitely give Cramkey Dumps a try.

Maja Aug 30, 2024

That sounds great. I'll definitely check them out. Thanks for the suggestion!

Question 101

A security analyst is conducting an unknown environment test from 192.168 3.3. The analyst wants to limit observation of the penetration tester's activities and lower the probability of detection by intrusion protection and detection systems. Which of the following Nmap commands should the analyst use to achieve This objective?

Options:

Nmap –F 192.168.5.5

Map –datalength 2.192.168.5.5

Nmap –D 10.5.2.2.168.5.5

Map –scanflags SYNFIN 192.168.5.5

Discussion

Question 102

During a code review assessment, a penetration tester finds the following vulnerable code inside one of the web application files:

<% String id = request.getParameter("id"); %>

Employee ID: <%= id %>

Which of the following is the best remediation to prevent a vulnerability from being exploited, based on this code?

Options:

Parameterized queries

Patch application

Output encoding

Discussion

Question 103

A penetration tester is hired to test a client’s systems. The client's systems are hosted by the client at its headquarters. The production environment is hosted by a private cloud-hosting company. Which of the following would be the most important for the penetration tester to determine before beginning the test?

Options:

Third-party asset restrictions

Disallowed tests

Physical locations of theinfrastructure

Time-of-day restrictions