Free CompTIA PenTest+ PT0-002: 05 Exploiting Networks + Anki Cards

Ref:đź“•CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

PenTest+ (PT0-002) Chapter 05. Exploiting Wired and Wireless Networks

1 / 97

What is Kerberoasting?

2 / 97

What is a critical step in executing a DNS cache poisoning attack?

3 / 97

Which SMTP command is used to verify whether a user’s email mailbox exists?

4 / 97

Which one of the following tools from Aircrack-ng suite, can be used to sniff and analyze wireless network traffic?

5 / 97

Which command is used to initiate a Transport Layer Security (TLS) connection to an email server?

6 / 97

What is the purpose of the EternalBlue exploit in the context of penetration testing?

7 / 97

Which of the following SMTP commands is used to initiate a Transport Layer Security (TLS) connection to an email server during a security evaluation?

8 / 97

Which of the following TCP ports is used by the non-encrypted SMTP protocol for server-to-server communication?

9 / 97

What is the purpose of jamming wireless signals or causing wireless network interference?

10 / 97

What are the steps an attacker may take to exploit the WPA or WPA2 vulnerabilities using the Aircrack-ng suite of tools?

11 / 97

Which of the following NetBIOS-related operations uses UDP port 137?

12 / 97

Which SMTP command is used to initiate a Transport Layer Security (TLS) connection to an email server?

13 / 97

What is a valid vulnerability WPA and WPA2 are susceptible to that can be exploited by an attacker?

14 / 97

What is the purpose of a disassociation or deauthentication attack?

15 / 97

Which protocol is used primarily by Microsoft Windows for host identification?

16 / 97

Which tool does an attacker use to perform a deauthentication attack against a wireless network, specifically in the context of cracking a WPA PSK?

17 / 97

What is war driving?

18 / 97

What is the use of the VRFY SMTP command during a penetrative test?

19 / 97

Which of the following statements correctly describes a common attack that can be launched against RFID devices?

20 / 97

What is the purpose of configuring the RHOST and LHOST when using the EternalBlue exploit in Metasploit?

21 / 97

What is one way an attacker can conduct a BGP hijacking attack?

22 / 97

How does an attacker implement an Evil Twin Attack?

23 / 97

Which of the following tools can be used to launch a credential harvesting attack by spoofing DNS replies and diverting a user to an attacker’s local system?

24 / 97

What is ARP cache poisoning sometimes also referred to as?

25 / 97

Which command is required to configure IP address of the remote host that is going to be exploited by the EternalBlue exploit in Metasploit?

26 / 97

Which of the following is NOT a category of DoS attacks described in the text?

27 / 97

Which TCP port is used for NetBIOS Session Service?

28 / 97

What does a DHCP starvation attack involve?

29 / 97

What is a common vulnerability within the LLMNR protocol?

30 / 97

What is the TCP port number used by the default port in SMTP for non-encrypted communications?

31 / 97

What is the purpose of the ’searchsploit’ command used in Kali Linux?

32 / 97

What is the purpose of the VRFY command in SMTP?

33 / 97

What is SMTP open relay often used for?

34 / 97

Which of the following vulnerabilities can be found in the NetBIOS, LLMNR, and SMB protocols in relation to name resolution?

35 / 97

What is a known vulnerability of WPA and WPA2 that has been addressed in WPA3?

36 / 97

What is the function of the STARTTLS command in SMTP?

37 / 97

In the context of wireless network attacks, what is the purpose of a Preferred Network List (PNL) attack?

38 / 97

Which method is used by an attacker to recover the WEP Pre-shared Key (PSK)?

39 / 97

What can an attacker achieve by causing legitimate wireless clients to deauthenticate from an authentic wireless access point?

40 / 97

What is a consequence of successful exploitation of the KRACK vulnerabilities in WPA and WPA2?

41 / 97

In the process of exploiting a system with the EternalBlue exploit in Metasploit, which commands are used to set the remote host and the host for post-exploitation communication?

42 / 97

Which of the following SMTP commands is used to initiate a Transport Layer Security (TLS) connection to an email server?

43 / 97

What is the function of the RHOST in the context of the EternalBlue SMB exploit in Metasploit?

44 / 97

What does the ’EternalBlue’ exploit allow a successful attacker to do?

45 / 97

What is a SYN flood attack in the context of Direct DoS Attacks?

46 / 97

What tool, part of the Aircrack-ng suite, is used to launch a deauthentication attack as described in the provided text?

47 / 97

Which of the following attacks involves an attacker spoofing MAC addresses to trick a victim into thinking the attacker’s Layer 2 address is the address of its default gateway?

48 / 97

Which TCP port is defined for use with Secure SMTP (SSMTP) protocol for encrypted communications, in accordance with RFC 2487?

49 / 97

In a DNS Cache Poisoning attack, what does the attacker do to manipulate the victim’s communications?

50 / 97

What is the function of the ’airmon-ng check kill’ command in the context of exploiting wireless networks?

51 / 97

What is one major flaw in implementations of Simple Network Management Protocol (SNMP)?

52 / 97

What is a common mitigation method used to prevent ARP cache poisoning attacks?

53 / 97

What command is used in Kali Linux to find known SMTP exploits?

54 / 97

What is the function of TCP port 995?

55 / 97

Which protocol is considered more secure and modern compared to Simple Network Management Protocol (SNMP)?

56 / 97

What is an amplification attack in the context of DDoS?

57 / 97

Which of the following is NOT an example of network-based attacks and exploits?

58 / 97

Which of the following ports is appropriate for the Secure SMTP (SSMTP) protocol in encrypted communications using STARTTLS?

59 / 97

In the Aircrack-ng suite of tools, which command line tool is used to begin the process of cracking Wi-Fi networks?

60 / 97

What is a common vulnerability in LLMNR and how can an attacker exploit it?

61 / 97

What is the main difference between a Password Spraying attack and a Credential Stuffing attack?

62 / 97

What is a Downgrade Attack in the context of network security?

63 / 97

What is a potential vulnerability of Network Access Control (NAC) as discussed in the passage?

64 / 97

Which of the following best describes an RFID cloning process?

65 / 97

The WPA3 protocol introduced a new handshake that uses Extensible Authentication Protocol (EAP) for authentication. What is it commonly referred to as?

66 / 97

In the context of wireless fragmentation attacks, what is the function of the PRGA?

67 / 97

Which step of a WPA password attack as illustrated in the example involves capturing all the traffic to a capture file?

68 / 97

Which SMTP command is used to authenticate a client to the server?

69 / 97

Which of the following attacks can impact Bluetooth Low Energy (BLE) communications?

70 / 97

Which SMTP command is used to initiate the transfer of the contents of an email message?

71 / 97

Which of the following is NOT a basic element in a Kerberos implementation?

72 / 97

Which of the following best describes the VLAN hopping method called double tagging?

73 / 97

Which of the following SMTP commands is used to verify whether a user’s email mailbox exists?

74 / 97

What does the term ’exploit chaining’ refer to in the context of cyberattacks?

75 / 97

What does the EternalBlue exploit, when used successfully, allow?

76 / 97

What is the main goal of an attacker performing a DNS cache poisoning attack in the context of an Evil Twin attack?

77 / 97

Which SMTP command is used to authenticate a client to the server?

78 / 97

Which TCP port is used by the IMAP protocol for non-encrypted communications?

79 / 97

What is the purpose of the SMTP ’HELO’ command?

80 / 97

What is the purpose of the ’set RHOST’ and ’set LHOST’ commands in the context of using the EternalBlue exploit in Metasploit?

81 / 97

What makes wireless devices vulnerable to brute-force attacks in the context of Wi-Fi Protected Setup (WPS)?

82 / 97

Why is UDP often used as the transport mechanism in reflected DoS and DDoS attacks?

83 / 97

What command is used to start a Transport Layer Security (TLS) connection to an email server during an SMTP conversation?

84 / 97

What best describes the pass-the-hash attack in context of network exploitation?

85 / 97

What is the vulnerability in LLMNR involving an attacker spoofing an authoritative source for name resolution?

86 / 97

What type of activity does an on-path attack involve?

87 / 97

What method or software is used to determine the type and version of an FTP server during a vulnerability assessment?

88 / 97

What is the purpose of the ’set RHOST’ and ’set LHOST’ commands in the context of the EternalBlue exploit in Metasploit?

89 / 97

Which of the following is NOT a basic element of the Kerberos implementation?

90 / 97

Which SMTP command is used to initiate a Transport Layer Security (TLS) connection to an email server?

91 / 97

Which wireless attack configuration involves an attacker installing a rogue Access Point (AP) to fool users and create a backdoor into a network?

92 / 97

Which TCP port is registered by the Internet Assigned Numbers Authority (IANA) for SMTP over SSL (SMTPS)?

93 / 97

Which of the following wireless security protocols is particularly susceptible to Initialization Vector (IV) attacks?

94 / 97

Which one of the following is a common mitigation technique for ARP cache poisoning attacks?

95 / 97

What is the main method used in a KARMA attack to intercept wireless traffic?

96 / 97

What differentiates Bluejacking from Bluesnarfing in Bluetooth-based attacks?

97 / 97

Which TCP port is used by the IMAP protocol for encrypted (SSL/TLS) communications?

Your score is

Share the Post:
Previous slide
Next slide

Fill up to receive the FREE CompTIA PenTest+ deck!

* indicates required
Share the Post:

Advance your knowledge of exploiting wired and wireless networks with our CompTIA PenTest+ Chapter 05 practice questions.

This chapter covers network protocols, security weaknesses, and exploitation techniques for both wired and wireless networks.
Master these concepts to excel in network penetration testing.
Access our Free Anki decks for comprehensive preparation.
For official resources, visit CompTIA’s website.

After mastering this chapter, don’t forget to check out Chapter 06: Exploiting Application-Based Vulnerabilities to further your learning.

Related Posts

RSS  
  • Discover How to Work Remotely and Travel!
    Have you ever dreamed about working from beautiful places like Thailand or Japan, but weren’t sure if it’s possible? I’m here to share my adventures and some tips on how to make working remotely while exploring the world a reality.  Who Am I? My name is Josh, and I’m all about creating helpful content on […]
  • Why Contract Work in IT Can Be a Good Start for Your Career
    Hey buddies! Are you curious about what it’s like to work in IT and cyber security? Well, you’re in luck because today we’re diving into the world of contract work and how it might just be the jumpstart your career needed! Getting Into the World of Contract Work in IT Josh, an expert in IT […]
  • Is Cyber Security a Career That Will Last Forever?
    Hey everyone! Have you ever wondered if choosing a career in cyber security is a good idea for the long haul? Well, let’s dive into this topic with the help of Josh Maor’s insights, and find out why cyber security might just be one of the smartest career choices out there. What Is Cyber Security? […]