Exam2pass
0 items Sign In or Register
  • Home
  • IT Exams
  • Guarantee
  • FAQs
  • Reviews
  • Contact Us
  • Demo
Exam2pass > Mile2 > Mile2 Certifications > MK0-201 > MK0-201 Online Practice Questions and Answers

MK0-201 Online Practice Questions and Answers

Questions 4

Which are methods that attackers use to find buffer overflows?Choose all that apply.

A. Trial and error

B. Decompile the executable binary of the application

C. Decompile the executable binary of a software patch

D. Analyze source code,if available

Buy Now

Correct Answer: ABCD

Questions 5

Having just downloaded a new version of Cain and Abel,you wish to monitor your network for clear text passwords being sent.

Knowing you are currently connected to a switch you will attempt to perform an ARP poisoning attack that will let you look at all the packets and not only packets sent to your own machine.

What would you call this type of sniffing?

A. Passing Sniffing

B. Active Sniffing

C. ARP Sniffing

D. All stations sniffing

Buy Now

Correct Answer: B

Questions 6

Dozens of methodologies exist on the market today.Most of them follow the very high level steps.

Which of the following would represent the most common and logical approach to penetration testing from the first step being accomplished on the left to the last step being done on the right side of the statement below?

A. Scanning,Footprinting,Enumeration,Penetration

B. Footprinting,Enumeration,Scanning,Penetration

C. Footprinting,Scanning,Enumeration,Penetration

D. Penetration,Enumeration,Scanning,Footprinting

Buy Now

Correct Answer: C

Questions 7

Which of the following password implementation is found only in Windows 2000 and newer Windows versions?

A. LM

B. NTLM

C. NTLMv2

D. Kerberos

Buy Now

Correct Answer: D

Questions 8

MS SQL server makes use of Stored Procedures.There is an extended stored procedure called sp_makewebtask that can be used with data being returned from executed queries.What would you use this stored procedure for?

A. It is used to start a new web server instance

B. It is used to create and HTML page

C. It is used to perform an entry within a database

D. It is used to schedule a job task

Buy Now

Correct Answer: B

Questions 9

Doing Operating System identification remotely is an art that requires analysis of responses from packets being sent.In order to do so efficiently,a methodology called fuzzy logic is often used. Which of the following would best describe what fuzzy logic is?

A. A problem solving control system

B. A special type of port scan

C. An operating system feature

D. A hardware device for OS identification

Buy Now

Correct Answer: A

Questions 10

One of your clients has been the victim of a brute force attack against their SSH server.

They ask you what could be done to protect their Linux servers.You propose the use of IP Tables (the built in kernel firewall) to limit connection attempts to protect their servers.You agree with your client to limit connections to the SSH port to a maximum of only three trials per minutes consideirng there is only one administrator who has a valid need to connect remotely onto this port.

If the threshold of three connectors is exceeded,the attacker will have to wait for another 60 seconds before it will resume allowing connections again.

Which of the following IP Tables entry would meet your clients needs?

A. iptables-A INPUT -p tcp -dport 23 -m state -state NEW -m recent -update -second 60 -hitcount4 -rttl name SSH -j DROP

B. iptables-A INPUT -p tcp -dport 22 -m state -state NEW -m recent -update -second 60 -hit count3 -rttl name SSH -j DROP

C. iptables-A INPUT -p tcp -dport 22 -m state -state NEW -m recent -update -second 60 -hitcount4 -rttl name SSH -j DROP

D. iptables-A OUTPUT -p tcp -dport 23 -m state -state NEW -m recent -update -second 60 -hitcount4 -rttl name SdSH -j DROP

Buy Now

Correct Answer: C

Questions 11

What is one possible method that hackers can use to sniff SSL connections?Choose the best answer.

A. Use dsniff

B. Act as a man in the middle between the client and the webserver and send the client a fake certificate that the user will accept as legitimate

C. Use SSLSniff to sniff the session key exchange

D. Use SSL Relay

Buy Now

Correct Answer: B

Questions 12

Cracking encryption is often impossible due to time constraints whereby it would take hundreds of years in some cases.

Great advancement has taken place lately regarding the cracking of password based on the time memory trade-off.

Such an attack allows an attacker to crack the password within a very short period of time.

Under the memory trade-off technique,which of the followig would be used to speed the cracking of password?

A. Large dictionaries

B. Large collection of common passwords

C. Pre Computed hashes tables

D. Pre sorted dictionaries will most likely matches tried first

Buy Now

Correct Answer: C

Questions 13

Keen administrators (the enemy of penetration testers)will take great steps in order to collect logs on different servers.By having a detailed log of activities they may be able to detect abnormal activities.

A skilled intruder will attempt to modify the logging policy in order to prevent the administrator from having access to his detailed log.What command line tool could an attacker use to disable auditing on a Windows server?

A. Syslog

B. Eventlog

C. Auditpol

D. Auditlog

Buy Now

Correct Answer: C

Exam Code: MK0-201
Exam Name: Certified Penetration Testing Specialist (CPTS)
Last Update: Jul 01, 2026
Questions: 247

PDF (Q&A)

$45.99
ADD TO CART

VCE

$49.99
ADD TO CART

PDF + VCE

$59.99
ADD TO CART

Exam2Pass----The Most Reliable Exam Preparation Assistance

There are tens of thousands of certification exam dumps provided on the internet. And how to choose the most reliable one among them is the first problem one certification candidate should face. Exam2Pass provide a shot cut to pass the exam and get the certification. If you need help on any questions or any Exam2Pass exam PDF and VCE simulators, customer support team is ready to help at any time when required.

Home | Guarantee & Policy |  Privacy & Policy |  Terms & Conditions |  How to buy |  FAQs |  About Us |  Contact Us |  Demo |  Reviews

2026 Copyright @ exam2pass.com All trademarks are the property of their respective vendors. We are not associated with any of them.