CompTIA Study Materials
AWS Study Materials
AWS Certified Developer Associate AWS Certified Developer Associate
AWS Certified Developer Associate DVA-C02
AWS Certified Solutions Architect Associate AWS Certified Solutions Architect Associate
AWS Certified Solutions Architect Associate SAA-C03
AWS Cloud Practitioner AWS Cloud Practitioner
AWS Cloud Practitioner CLF-C02
Microsoft Study Materials
Microsoft Azure Fundamentals Microsoft Azure Fundamentals
Microsoft Azure Fundamentals AZ-900

Free CompTIA PenTest+ PT0-002 Practice Question

During a penetration test, you perform an initial port scan using Nmap against the target web server. The scan results show that ports 80 (http) and 443 (https) are open. To expedite the testing process, which script should be executed next to further examine these services and look for potential vulnerabilities, while maintaining a degree of stealth?

  • Launch a brute force attack on the SSH service using Hydra to identify weak credentials that may be used to access the system.

  • Execute an aggressive Nessus vulnerability scan on the entire target network to identify all potential vulnerabilities regardless of service.

  • Use the sqlmap tool to automatically attempt SQL injection attacks on the web server's database services.

  • Run the Nmap script engine (NSE) with the http-enum script to locate directories that might reveal the web server's configuration and content.

This question is for objective:
Tools and Code Analysis
Your Score:
Tools and Code Analysis
Information Gathering and Vulnerability Scanning
Attacks and Exploits
Reporting and Communication
Planning and Scoping