- Home
- CompTIA
- CompTIA PenTest+ Exam
- CompTIA.PT0-003.v2024-08-09.q184
- Question 170
Valid PT0-003 Dumps shared by ExamDiscuss.com for Helping Passing PT0-003 Exam! ExamDiscuss.com now offer the newest PT0-003 exam dumps, the ExamDiscuss.com PT0-003 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com PT0-003 dumps with Test Engine here:
Access PT0-003 Dumps Premium Version
(254 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 170/184
During an assessment, a penetration tester inspected a log and found a series of thousands of requests coming from a single IP address to the same URL. A few of the requests are listed below.
Which of the following vulnerabilities was the attacker trying to exploit?
Which of the following vulnerabilities was the attacker trying to exploit?
Correct Answer: D
The attacker is sequentially changing the serviceID parameter in the URL, likely in an attempt to access objects that they are not authorized to see. This is indicative of an attempt to exploit an Insecure Direct Object Reference (IDOR) vulnerability, where unauthorized access to objects can occur by manipulating input or changing parameters in the URL.
An insecure direct object reference (IDOR) vulnerability occurs when an application exposes a reference to an internal object, such as a file, directory, database record, or key, without any proper authorization or validation mechanism. This allows an attacker to manipulate the reference and access other objects that they are not authorized to access. In this case, the attacker was trying to exploit the IDOR vulnerability in the servicestatus.php script, which accepts a serviceID parameter that directly references a service object. By changing the value of the serviceID parameter, the attacker could access different services that they were not supposed to see. References: The Official CompTIA PenTest+ Student Guide (Exam PT0-002) eBook, Chapter 4, Section 4.2.2: Insecure Direct Object References; Best PenTest+ certification study resources and training materials, Section 1: Cross-site Scripting (XSS) Attack.
An insecure direct object reference (IDOR) vulnerability occurs when an application exposes a reference to an internal object, such as a file, directory, database record, or key, without any proper authorization or validation mechanism. This allows an attacker to manipulate the reference and access other objects that they are not authorized to access. In this case, the attacker was trying to exploit the IDOR vulnerability in the servicestatus.php script, which accepts a serviceID parameter that directly references a service object. By changing the value of the serviceID parameter, the attacker could access different services that they were not supposed to see. References: The Official CompTIA PenTest+ Student Guide (Exam PT0-002) eBook, Chapter 4, Section 4.2.2: Insecure Direct Object References; Best PenTest+ certification study resources and training materials, Section 1: Cross-site Scripting (XSS) Attack.
- Question List (184q)
- Question 1: A penetration tester is reviewing the security of a web appl...
- Question 2: User credentials were captured from a database during an ass...
- Question 3: During an engagement, a penetration tester found the followi...
- Question 4: A security analyst needs to perform an on-path attack on BLE...
- Question 5: A penetration tester who is performing a physical assessment...
- Question 6: A company obtained permission for a vulnerability scan from ...
- Question 7: Given the following output: User-agent:* Disallow: /author/ ...
- Question 8: A penetration tester is testing a new version of a mobile ap...
- Question 9: A new security firm is onboarding its first client. The clie...
- Question 10: During a vulnerability scan a penetration tester enters the ...
- Question 11: Which of the following is the BEST resource for obtaining pa...
- Question 12: A penetration tester is looking for a vulnerability that ena...
- Question 13: A penetration testing firm performs an assessment every six ...
- Question 14: A penetration tester has gained access to a network device t...
- Question 15: A penetration tester needs to perform a test on a finance sy...
- Question 16: As part of an active reconnaissance, a penetration tester in...
- Question 17: An assessor wants to use Nmap to help map out a stateful fir...
- Question 18: A penetration tester fuzzes an internal server looking for h...
- Question 19: A penetration tester is testing input validation on a search...
- Question 20: A penetration tester wants to test a list of common password...
- Question 21: The provision that defines the level of responsibility betwe...
- Question 22: ion tester is attempting to get more people from a target co...
- Question 23: During an assessment, a penetration tester obtains a list of...
- Question 24: A penetration tester finds a PHP script used by a web applic...
- Question 25: Which of the following is the most secure method for sending...
- Question 26: A penetration tester is trying to bypass an active response ...
- Question 27: A penetration tester is testing a web application that is ho...
- Question 28: A penetration tester has gained access to part of an interna...
- Question 29: Given the following code: $p = (80, 110, 25) $network = (192...
- Question 30: In Java and C/C++, variable initialization is critical becau...
- Question 31: A security firm has been hired to perform an external penetr...
- Question 32: A penetration tester wants to find hidden information in doc...
- Question 33: Which of the following protocols or technologies would provi...
- Question 34: When accessing the URL http://192.168.0-1/validate/user.php,...
- Question 35: A security company has been contracted to perform a scoped i...
- Question 36: A security analyst is conducting an unknown environment test...
- Question 37: A penetration tester is looking for a particular type of ser...
- Question 38: A penetration tester wants to identify CVEs that can be leve...
- Question 39: Which of the following expressions in Python increase a vari...
- Question 40: A penetration tester issues the following command after obta...
- Question 41: A company conducted a simulated phishing attack by sending i...
- Question 42: A penetration tester opened a reverse shell on a Linux web s...
- Question 43: A penetration tester has been hired to examine a website for...
- Question 44: During an assessment, a penetration tester found a suspiciou...
- Question 45: A penetration tester conducted a discovery scan that generat...
- Question 46: A penetration tester discovers a vulnerable web server at 10...
- Question 47: A penetration tester has established an on-path position bet...
- Question 48: A penetration tester noticed that an employee was using a wi...
- Question 49: A client has requested that the penetration test scan includ...
- Question 50: During a penetration test, a tester is in close proximity to...
- Question 51: A penetration tester wrote the following Bash script to brut...
- Question 52: Which of the following members of a client organization are ...
- Question 53: Which of the following tools would BEST allow a penetration ...
- Question 54: A penetration tester finds a PHP script used by a web applic...
- Question 55: A penetration tester is testing a company's public API and d...
- Question 56: A penetration tester was hired to perform a physical securit...
- Question 57: Which of the following provides a matrix of common tactics a...
- Question 58: A penetration tester is performing an assessment for an orga...
- Question 59: A penetration tester examines a web-based shopping catalog a...
- Question 60: A penetration tester runs the following command on a system:...
- Question 61: The attacking machine is on the same LAN segment as the targ...
- Question 62: A penetration tester has been provided with only the public ...
- Question 63: A company that requires minimal disruption to its daily acti...
- Question 64: Running a vulnerability scanner on a hybrid network segment ...
- Question 65: A penetration tester was contracted to test a proprietary ap...
- Question 66: A penetration tester recently completed a review of the secu...
- Question 67: A penetration tester is reviewing the following SOW prior to...
- Question 68: A penetration tester conducted a vulnerability scan against ...
- Question 69: A penetration tester requested, without express authorizatio...
- Question 70: After gaining access to a previous system, a penetration tes...
- Question 71: A penetration tester has found indicators that a privileged ...
- Question 72: A penetration tester ran an Nmap scan on an Internet-facing ...
- Question 73: A penetration tester is conducting an assessment on 192.168....
- Question 74: A Chief Information Security Officer wants a penetration tes...
- Question 75: You are a penetration tester running port scans on a server....
- Question 76: Which of the following should a penetration tester do NEXT a...
- Question 77: Which of the following would assist a penetration tester the...
- Question 78: The results of an Nmap scan are as follows: Starting Nmap 7....
- Question 79: A penetration tester gains access to a system and establishe...
- Question 80: A penetration tester is performing a vulnerability scan on a...
- Question 81: A penetration tester wants to accomplish ARP poisoning as pa...
- Question 82: A Chief Information Security Officer wants to evaluate the s...
- Question 83: A company's Chief Executive Officer has created a secondary ...
- Question 84: Which of the following assessment methods is the most likely...
- Question 85: Which of the following types of information would most likel...
- Question 86: During a client engagement, a penetration tester runs the fo...
- Question 87: Given the following script: while True: print ("Hello World"...
- Question 88: After performing a web penetration test, a security consulta...
- Question 89: A company that developers embedded software for the automobi...
- Question 90: A penetration tester runs the following command: nmap -p- -A...
- Question 91: Which of the following should a penetration tester consider ...
- Question 92: A penetration tester has completed an analysis of the variou...
- Question 93: A penetration tester has been given eight business hours to ...
- Question 94: A company requires that all hypervisors have the latest avai...
- Question 95: During a penetration test, a tester is able to change values...
- Question 96: Which of the following would MOST likely be included in the ...
- Question 97: A penetration tester wrote the following script to be used i...
- Question 98: A penetration tester is evaluating a company's network perim...
- Question 99: A penetration tester has identified several newly released C...
- Question 100: A penetration tester is contracted to attack an oil rig netw...
- Question 101: Which of the following assessment methods is MOST likely to ...
- Question 102: Which of the following documents is agreed upon by all parti...
- Question 103: A consultant just performed a SYN scan of all the open ports...
- Question 104: A company hired a penetration tester to do a social-engineer...
- Question 105: A penetration tester is assessing a wireless network. Althou...
- Question 106: A penetration tester is required to perform a vulnerability ...
- Question 107: The following output is from reconnaissance on a public-faci...
- Question 108: Which of the following describes the reason why a penetratio...
- Question 109: A security engineer identified a new server on the network a...
- Question 110: A company is concerned that its cloud VM is vulnerable to a ...
- Question 111: A security firm is discussing the results of a penetration t...
- Question 112: A penetration tester is enumerating shares and receives the ...
- Question 113: After running the enum4linux.pl command, a penetration teste...
- Question 114: A penetration tester is cleaning up and covering tracks at t...
- Question 115: Which of the following describes how a penetration tester co...
- Question 116: A penetration tester needs to upload the results of a port s...
- Question 117: A penetration tester is performing reconnaissance for a web ...
- Question 118: Given the following code: (Exhibit) Which of the following d...
- Question 119: An organization wants to identify whether a less secure prot...
- Question 120: A penetration tester gains access to a system and is able to...
- Question 121: Performing a penetration test against an environment with SC...
- Question 122: A penetration tester is working to enumerate the PLC devices...
- Question 123: A security firm is discussing the results of a penetration t...
- Question 124: A penetration tester was able to compromise a server and esc...
- Question 125: Penetration tester who was exclusively authorized to conduct...
- Question 126: A penetration tester who is performing an engagement notices...
- Question 127: Which of the following is a rules engine for managing public...
- Question 128: A penetration tester needs to access a building that is guar...
- Question 129: Which of the following BEST describe the OWASP Top 10? (Choo...
- Question 130: Which of the following factors would a penetration tester mo...
- Question 131: A penetration tester is performing an assessment for an appl...
- Question 132: A penetration tester is working on a scoping document with a...
- Question 133: A penetration tester is conducting an engagement against an ...
- Question 134: A company uses a cloud provider with shared network bandwidt...
- Question 135: The output from a penetration testing tool shows 100 hosts c...
- Question 136: A penetration-testing team is conducting a physical penetrat...
- Question 137: A penetration tester discovered that a client uses cloud mai...
- Question 138: During a penetration test, you gain access to a system with ...
- Question 139: During a penetration test, the domain names, IP ranges, host...
- Question 140: A tester who is performing a penetration test discovers an o...
- Question 141: A security professional wants to test an IoT device by sendi...
- Question 142: Which of the following BEST explains why a penetration teste...
- Question 143: Which of the following elements of a penetration testing rep...
- Question 144: Company.com has hired a penetration tester to conduct a phis...
- Question 145: A potential reason for communicating with the client point o...
- Question 146: An external consulting firm is hired to perform a penetratio...
- Question 147: A client asks a penetration tester to retest its network a w...
- Question 148: A penetration tester utilized Nmap to scan host 64.13.134.52...
- Question 149: A penetration tester is conducting a penetration test and di...
- Question 150: A penetration tester who is doing a security assessment disc...
- Question 151: Penetration tester has discovered an unknown Linux 64-bit ex...
- Question 152: Which of the following tools would be BEST suited to perform...
- Question 153: Which of the following provides an exploitation suite with p...
- Question 154: A penetration tester is attempting to discover live hosts on...
- Question 155: A penetration tester exploited a vulnerability on a server a...
- Question 156: A penetration tester is conducting an Nmap scan and wants to...
- Question 157: During the scoping phase of an assessment, a client requeste...
- Question 158: Which of the following is most important to include in the f...
- Question 159: A customer adds a requirement to the scope of a penetration ...
- Question 160: Which of the following tools should a penetration tester use...
- Question 161: A penetration tester opened a shell on a laptop at a client'...
- Question 162: A penetration tester is testing a new API for the company's ...
- Question 163: A final penetration test report has been submitted to the bo...
- Question 164: Which of the following commands will allow a penetration tes...
- Question 165: A penetration tester is scanning a corporate lab network for...
- Question 166: A penetration tester wants to validate the effectiveness of ...
- Question 167: A penetration tester wants to find the password for any acco...
- Question 168: A penetration tester was hired to test Wi-Fi equipment. Whic...
- Question 169: A security analyst needs to perform a scan for SMB port 445 ...
- Question 170: During an assessment, a penetration tester inspected a log a...
- Question 171: During a code review assessment, a penetration tester finds ...
- Question 172: An Nmap scan of a network switch reveals the following: (Exh...
- Question 173: Which of the following is the most important aspect to consi...
- Question 174: A company has recruited a penetration tester to conduct a vu...
- Question 175: An organization's Chief Information Security Officer debates...
- Question 176: During a penetration-testing engagement, a consultant perfor...
- Question 177: A penetration tester is exploring a client's website. The te...
- Question 178: A penetration tester managed to exploit a vulnerability usin...
- Question 179: Which of the following is the most common vulnerability asso...
- Question 180: A penetration tester completed a vulnerability scan against ...
- Question 181: A penetration tester is conducting an assessment for an e-co...
- Question 182: A penetration tester was able to gain access successfully to...
- Question 183: Which of the following tools would help a penetration tester...
- Question 184: Which of the following best explains why communication is a ...
