COMPTIA Pintest+ – International Academy

Welcome to your COMPTIA Pintest+

A compliance-based penetration test is primarily concerned with:

Obtaining Pll from the protected network.

Bypassing protection on edge devices.

Determining the efficacy of a specific set of security standards.

Obtaining specific information from the protected network.

After analyzing and correlating activity from multiple sensors, the security analyst has determined a group from a high-risk country is responsible for a sophisticated breach of the company network and continuous administration of targeted attacks for the past three months. Until now, the attacks went unnoticed. This is an example of:

Privilege escalation.

Advanced persistent threat.

Malicious insider threat.

Spear phishing.

A system administrator who was using an account with elevated privileges deleted a large amount of log files generated by a virtual hypervisor in order to free up disk space. These log files are needed by the security team to analyze the health of the virtual machines. Which of the following compensating controls would help prevent this from reoccurring? (Choose two.)

Succession planning

Separation of duties

Mandatory vacation

Personnel training

Job rotation

An analyst was tasked with providing recommendations of technologies that are PKI X.509 compliant for a variety of secure functions. Which of the following technologies meet the compatibility requirement? (Choose three.)

3DES

AES

IDEA

PKCS

PGP

SSL/TLS

TEMPEST

A company has recently launched a new billing invoice website for a few key vendors. The cybersecurity analyst is receiving calls that the website is performing slowly and the pages sometimes time out. The analyst notices the website is receiving millions of requests, causing the service to become unavailable. Which of the following can be implemented to maintain the availability of the website?

VPN

Honeypot

Whitelisting

DMZ

MAC filtering

Due to new regulations, a company has decided to institute an organizational vulnerability management program and assign the function to the security team. Which of the following frameworks would BEST support the program? (Choose two.)

COBIT

NIST

ISO 27000 series

ITIL

OWASP

An analyst wants to use a command line tool to identify open ports and running services on a host along with the application that is associated with those services and port. Which of the following should the analyst use?

Wireshark

Qualys

Netstat

Nmap

Ping

An administrator has been investigating the way in which an actor had been exfiltrating confidential data from a web server to a foreign host. After a thorough forensic review, the administrator determined the server's BIOS had been modified by rootkit installation. After removing the rootkit and flashing the BIOS to a known good state, which of the following would BEST protect against future adversary access to the BIOS, in case another rootkit is installed?

Anti-malware application

Host-based IDS

TPM data sealing

File integrity monitoring

Law enforcement has contacted a corporation's legal counsel because correlated data from a breach shows the organization as the common denominator from all indicators of compromise. An employee overhears the conversation between legal counsel and law enforcement, and then posts a comment about it on social media. The media then starts contacting other employees about the breach. Which of the following steps should be taken to prevent further disclosure of information about the breach?

Perform security awareness training about incident communication.

Request all employees verbally commit to an NDA about the breach.

Temporarily disable employee access to social media

Have law enforcement meet with employees.

An analyst has received unusual alerts on the SIEM dashboard. The analyst wants to get payloads that the hackers are sending toward the target systems without impacting the business operation. Which of the following should the analyst implement?

Honeypot

Jump box

Sandboxing

Virtualization