Welcome to the Exploiting Network Vulnerabilities MCQs Page

Dive deep into the fascinating world of Exploiting Network Vulnerabilities with our comprehensive set of Multiple-Choice Questions (MCQs). This page is dedicated to exploring the fundamental concepts and intricacies of Exploiting Network Vulnerabilities, a crucial aspect of CompTIA PenTest+ Certification Exam PT0 002. In this section, you will encounter a diverse range of MCQs that cover various aspects of Exploiting Network Vulnerabilities, from the basic principles to advanced topics. Each question is thoughtfully crafted to challenge your knowledge and deepen your understanding of this critical subcategory within CompTIA PenTest+ Certification Exam PT0 002.

Check out the MCQs below to embark on an enriching journey through Exploiting Network Vulnerabilities. Test your knowledge, expand your horizons, and solidify your grasp on this vital area of CompTIA PenTest+ Certification Exam PT0 002.

Note: Each MCQ comes with multiple answer choices. Select the most appropriate option and test your understanding of Exploiting Network Vulnerabilities. You can click on an option to test your knowledge before viewing the solution for a MCQ. Happy learning!

Exploiting Network Vulnerabilities MCQs | Page 5 of 13

Explore more Topics under CompTIA PenTest+ Certification Exam PT0 002

01

Penetration Testing

02

Planning and Scoping Penetration Tests 🔒

03

Information Gathering 🔒

04

Vulnerability Scanning 🔒

05

Analyzing Vulnerability Scans

06

Exploiting and Pivoting 🔒

07

Exploiting Physical and Social Vulnerabilities

08

Exploiting Application Vulnerabilities 🔒

09

Attacking Hosts,Cloud Technologies and Specialized Systems 🔒

10

Reporting and Communication

11

Scripting for Penetration Testing 🔒

Q41.

What is a popular target for penetration testers in Windows systems, and what vulnerability is often exploited in unpatched systems?

DNS, SYN flood

SMB, EternalBlue (MS17-010)

NetBIOS, ARP spoofing

LLMNR, DoS attacks

Discuss

Answer: (b).SMB, EternalBlue (MS17-010) Explanation:A popular target for penetration testers in Windows systems is SMB, and the vulnerability often exploited in unpatched systems is EternalBlue (MS17-010).

Q42.

What does the Metasploit tool include to target the EternalBlue vulnerability in the Windows SMB server?

HTTP Unbearable Load King (HULK)

LOIC and HOIC

Rainbow tables

An SMB exploit module

Discuss

Answer: (d).An SMB exploit module Explanation:The Metasploit tool includes an SMB exploit module to target the EternalBlue vulnerability in the Windows SMB server.

Q43.

Which services does the PenTest+ exam specifically ask test-takers to be familiar with in terms of exploits?

DHCP, ICMP, HTTP

SMB, SNMP, SMTP, FTP, DNS

ARP, VLAN, NAC

SSL, TLS, SSH

Discuss

Answer: (b).SMB, SNMP, SMTP, FTP, DNS Explanation:The PenTest+ exam specifically asks test-takers to be familiar with SMB, SNMP, SMTP, FTP, and DNS exploits.

Q44.

What is the primary purpose of Nmap in the context of network attacks?

Exploiting services

Identifying open ports and services

Gathering information about SNMP

Creating a reverse shell

Discuss

Answer: (b).Identifying open ports and services Explanation:Nmap is typically used to identify open ports and services, providing an initial list of targets for further exploration in the context of network attacks.

Q45.

Which tool is often called a network Swiss army knife and can be used for purposes such as port scanning and creating a reverse shell?

SNMP

Metasploit

Netcat

Nmap

Discuss

Answer: (c).Netcat Explanation:Netcat is often called a network Swiss army knife and can be used for purposes such as port scanning and creating a reverse shell.

Q46.

What port does SNMP commonly operate on?

161

Discuss

Answer: (c).161 Explanation:SNMP commonly operates on UDP port 161.

Q47.

What is one of the first steps for SNMP exploitation?

Running a vulnerability scan

Mapping a network for devices with SNMP enabled

Creating a reverse shell

Sending SNMP traps

Discuss

Answer: (b).Mapping a network for devices with SNMP enabled Explanation:One of the first steps for SNMP exploitation is to map a network for devices with SNMP enabled.

Q48.

Which version of SNMP is functionally equivalent to SNMP v2 but adds additional security capabilities to provide confidentiality, integrity, and authentication?

SNMP v1

SNMP v2

SNMP v3

SNMP v4

Discuss

Answer: (c).SNMP v3 Explanation:SNMP v3 is functionally equivalent to SNMP v2 but adds additional security capabilities to provide confidentiality, integrity, and authentication.

Q49.

What protocol is commonly used for sending emails, operates on TCP port 25, and can be easily identified by telnetting to the service port?

FTP

SNMP

SMTP

DNS

Discuss

Answer: (c).SMTP Explanation:SMTP (Simple Mail Transfer Protocol) is commonly used for sending emails, operates on TCP port 25, and can be easily identified by telnetting to the service port.

Q50.

Which command can be used for information gathering on an SMTP server by connecting to it and using the EXPN and VRFY commands?

RETR

LIST

VRFY

PWD

Discuss

Answer: (c).VRFY Explanation:The VRFY command can be used for information gathering on an SMTP server by connecting to it and using the EXPN and VRFY commands.

Page 5 of 13

Planning and Scoping Penetration Tests 🔒

Information Gathering 🔒

Vulnerability Scanning 🔒

Exploiting and Pivoting 🔒

Exploiting Application Vulnerabilities 🔒

Attacking Hosts,Cloud Technologies and Specialized Systems 🔒

Scripting for Penetration Testing 🔒

Welcome to the Exploiting Network Vulnerabilities MCQs Page

Exploiting Network Vulnerabilities MCQs | Page 5 of 13

Explore more Topics under CompTIA PenTest+ Certification Exam PT0 002

Penetration Testing

Analyzing Vulnerability Scans

Exploiting Physical and Social Vulnerabilities

Reporting and Communication

Suggested Topics

Cloud Computing

HTML

Management Information Systems

Embedded Systems

Computer Graphics

Digital Image Processing (DIP)

UNIX

Java Spring Framework

Neural Networks