Question
a.
Shared local administrator credentials
b.
Unnecessary open services
c.
SQL injection vulnerability
d.
No multifactor authentication
Posted under CompTIA PenTest+ Certification Exam PT0 002
Engage with the Community - Add Your Comment
Confused About the Answer? Ask for Details Here.
Know the Explanation? Add it Here.
Q. Gary ran an Nmap scan of a system and discovered that it is listening on port 22 despite the fact that it should not be accepting SSH connections. What finding should he report?
Similar Questions
Discover Related MCQs
Q. Which one of the following is not a normal communication trigger for a penetration test?
View solution
Q. Wendy is reviewing the results of a penetration test and learns that her organization uses the same local administrator password on all systems. Which one of the following tools can help her resolve this issue?
View solution
Q. What type of report is the client requesting when they ask for a letter documenting the penetration test results for compliance files?
View solution
Q. What should testers observe regarding data retention and destruction at the conclusion of a penetration testing engagement?
View solution
Q. What does the level of detail in a formal attestation of findings depend on?
View solution
Q. When might a formal attestation of findings be requested in a penetration testing engagement?
View solution
Q. What might be included in follow-up actions after a penetration testing engagement?
View solution
Q. Why is it often helpful to have a third party moderate the lessons learned session in a penetration testing engagement?
View solution
Q. What is the purpose of the lessons learned session in a penetration testing engagement?
View solution
Q. What is the purpose of obtaining formal client acceptance in a penetration testing engagement?
View solution
Q. What are three important post-engagement cleanup activities highlighted by CompTIA?
View solution
Q. What is a basic principle that penetration testers should follow during post-engagement cleanup?
View solution
Q. What is an essential post-report delivery activity for penetration testers before closing out a project?
View solution
Q. What should be specified in the penetration testing agreement regarding the storage time of the report?
View solution
Q. Why is secure handling and disposition of penetration testing reports crucial?
View solution
Q. What is the purpose of the "Appendix" section in a penetration testing report?
View solution
Q. In the conclusion, what is a common consideration when comparing risk ratings with an organization's risk appetite?
View solution
Q. What may be included in the conclusion to provide context for the information presented in the report?
View solution
Q. What is the primary purpose of the "Conclusion" section in a penetration testing report?
View solution
Q. What is the primary content of the "Findings and Remediation" section in a penetration testing report?
View solution
Suggested Topics
Are you eager to expand your knowledge beyond CompTIA PenTest+ Certification Exam PT0 002? We've curated a selection of related categories that you might find intriguing.
Click on the categories below to discover a wealth of MCQs and enrich your understanding of Computer Science. Happy exploring!
