Free CompTIA PenTest+ PT0-002 Practice Question

During a penetration test, you perform an initial port scan using Nmap against the target web server. The scan results show that ports 80 (http) and 443 (https) are open. To expedite the testing process, which script should be executed next to further examine these services and look for potential vulnerabilities, while maintaining a degree of stealth?

  • Launch a brute force attack on the SSH service using Hydra to identify weak credentials that may be used to access the system.

  • Use the sqlmap tool to automatically attempt SQL injection attacks on the web server's database services.

  • Run the Nmap script engine (NSE) with the http-enum script to locate directories that might reveal the web server's configuration and content.

  • Execute an aggressive Nessus vulnerability scan on the entire target network to identify all potential vulnerabilities regardless of service.

This question's topic:
CompTIA PenTest+ PT0-002 / 
Tools and Code Analysis
Your Score:

Check or uncheck an objective to set which questions you will receive.

Bash, the Crucial Exams Chat Bot
AI Bot