Online Access Free CompTIA.PT0-001.v2022-02-01.q177 Practice Test (Page 16)

PT0-001 Exam Question 71

A penetration tester observes that the content security policy header is missing during a web application penetration test.
Which of the following techniques would the penetration tester MOST likely perform?

A.Command injection attack

B.Clickjacking attack

C.Directory traversal attack

D.Remote file inclusion attack

PT0-001 Exam Question 72

During testing, a critical vulnerability is discovered on a client's core server. Which of the following should be the NEXT action?

A.Disable the network port of the affected service.

B.Promptly alert the client with details of the finding.

C.Take the target offline so it cannot be exploited by an attacker.

D.Complete all findings, and then submit them to the client.

PT0-001 Exam Question 73

A penetration test was performed by an on-staff technicians junior technician. During the test, the technician discovered the application could disclose an SQL table with user account and password information. Which of the following is the MOST effective way to notify management of this finding and its importance?

A.Document Ihe findtngs with an executive summary, recommendations, and screenshots of the web apphcation disclosure.

B.Request that management create an RFP to begin a formal engagement with a professional penetration testing company.

C.Connect to the SQL server using this information and change the password to one or two non-critical accounts to demonstrate a proof-of-concept to management.

D.Notify the development team of the discovery and suggest that input validation be implemented on the web application's SQL query strings.

PT0-001 Exam Question 74

A client has requested an external network penetration test for compliance purposes. During discussion between the client and the penetration tester, the client expresses unwillingness to add the penetration tester's source IP addresses to the client's IPS whitelist for the duration of the test. Which of the following is the BEST argument as to why the penetration tester's source IP addresses should be whitelisted?

A.Whitelisting prevents a possible inadvertent DoS attack against the IPS and supporting log-monitoring systems.

B.Penetration testing of third-party IPS systems often requires additional documentation and authorizations; potentially delaying the time-sensitive test.

C.IPS whitelisting rules require frequent updates to stay current, constantly developing vulnerabilities and newly discovered weaknesses.

D.Testing should focus on the discovery of possible security issues across all in-scope systems, not on determining the relative effectiveness of active defenses such as an IPS.

PT0-001 Exam Question 75

A penetration tester is able to move laterally throughout a domain with minimal roadblocks after compromising a single workstation. Which of the following mitigation strategies would be BEST to recommend in the report?
(Select THREE).

A.Increase minimum password complexity requirements.

B.Require multifactor authentication for all logins.

C.Enable full-disk encryption on every workstation.

D.Disable remote logons for local administrators.

E.Segment each host into its own VLAN.

F.Apply additional network access control.

G.Randomize local administrator credentials for each machine.

Other Version: 2157CompTIA.PT0-001.v2022-09-05.q129; 77CompTIA.Ipassleader.PT0-001.v2022-03-10.by.scott.177q.pdf; 2691CompTIA.PT0-001.v2021-12-21.q123; 93CompTIA.Vce4plus.PT0-001.v2021-08-06.by.harvey.229q.pdf

Latest Upload: 143CrowdStrike.CCSE-204.v2026-06-12.q25; 162VMware.2V0-17.25.v2026-06-12.q49; 151Appian.ACA-100.v2026-06-11.q23; 208CompTIA.220-1202.v2026-06-11.q114; 164CheckPoint.156-590.v2026-06-11.q47; 224CompTIA.220-1202.v2026-06-10.q109; 206CertiProf.CEHPC.v2026-06-10.q54; 152Hitachi.HQT-4160.v2026-06-10.q25; 404PMI.PMI-ACP-CN.v2026-06-09.q453; 193Splunk.SPLK-5002.v2026-06-08.q52

PT0-001 Exam Question 71

PT0-001 Exam Question 72

PT0-001 Exam Question 73

PT0-001 Exam Question 74

PT0-001 Exam Question 75

Download PDF File