PT0-002 CompTIA PenTest+

Question 4

The results of an Nmap scan are as follows:

    Starting Nmap 7.80 ( https://nmap.org ) at 2021-01-24 01:10 EST
    Nmap scan report for ( 10.2.1.22 )
    Host is up (0.0102s latency).
    Not shown: 998 filtered ports
    Port State Service
    80/tcp open http
    |_http-title: 80F 22% RH 1009.1MB (text/html)
    |_http-slowloris-check:
    | VULNERABLE:
    | Slowloris DoS Attack
    | <..>
    Device type: bridge|general purpose
    Running (JUST GUESSING) : QEMU (95%)
    OS CPE: cpe:/a:qemu:qemu
    No exact OS matches found for host (test conditions non-ideal).
    OS detection performed. Please report any incorrect results at https://nmap.org/submit/.
    Nmap done: 1 IP address (1 host up) scanned in 107.45 seconds

Which of the following device types will MOST likely have a similar response? (Choose two.)

  • Network device

  • Public-facing web server

  • Active Directory domain controller

  • IoT/embedded device

  • Exposed RDP

  • Print queue

Question 5

Which of the following describe the GREATEST concerns about using third-party open-source libraries in application code? (Choose two.)

  • The libraries may be vulnerable

  • The licensing of software is ambiguous

  • The libraries’ code bases could be read by anyone

  • The provenance of code is unknown

  • The libraries may be unsupported

  • The libraries may break the application

Question 6

Which of the following tools would be BEST suited to perform a manual web application security assessment? (Choose two.)

  • OWASP ZAP

  • Nmap

  • Nessus

  • BeEF

  • Hydra

  • Burp Suite