exam questions

Exam PT0-002 All Questions

View all questions & answers for the PT0-002 exam

Exam PT0-002 topic 1 question 11 discussion

Actual exam question from CompTIA's PT0-002
Question #: 11
Topic #: 1
[All PT0-002 Questions]

SIMULATION -
You are a penetration tester reviewing a client's website through a web browser.

INSTRUCTIONS -
Review all components of the website through the browser to determine if vulnerabilities are present.
Remediate ONLY the highest vulnerability from either the certificate, source, or cookies.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.







Show Suggested Answer Hide Answer
Suggested Answer: See explanation below.
Step 1: Generate Certificate Signing Request

Step 2: Submit CSR to the CA -
Step 3: Remove certificate from the server
Step 4: Install re-issued certificate on the server

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
RRabbit_111
Highly Voted 5 months, 3 weeks ago
Generate a Certificate Signing Request (CSR): This step is the first step in the process of obtaining a new certificate. The CSR is a file that contains information about the website and the organization that operates it, as well as a public key. This file is then sent to a Certificate Authority (CA) to request a new certificate. Submit CSR to the CA: Once the CSR is generated, it is sent to the chosen CA. The CA will then validate the information in the CSR and issue a new certificate. Install re-issued certificate on the server: Once the new certificate is issued, it needs to be installed on the server. This step ensures that the new certificate is properly configured and can be used to secure the website. Remove certificate from server: After the new certificate is installed, the old certificate needs to be removed from the server to avoid any confusion or security issues.
upvoted 14 times
...
RightAsTain
Highly Voted 2 years, 5 months ago
An expired cert still has the public key and can complete the TLS handshake. I trouble shoot cert issues at work all the time so that definitely isn't a vulnerability. Look at the HTML. The username and password are commented out. Who cares about cookies and a secure connection when you can have access to the admin account. lol
upvoted 8 times
Mr_BuCk3th34D
2 years, 2 months ago
How can you tell if the cert is expired? What if one created that question from old exam back in 2018? There's no info there to confirm that the cert is really expired. Unsecure cookies seems like a higher vulnerability to me. Talking about the username and password, those are not the credentials are just the field names.
upvoted 3 times
boxv4
1 year, 6 months ago
On the coockies, there were sessions dated the year 2019. therefore we can safely assume the certs have expired. I asked myself the same question.
upvoted 3 times
...
Mr_BuCk3th34D
2 years, 2 months ago
Also - If the cookie transport security is not set up properly, the hacker can access sensitive information stored in those cookies, regardless if the Web application uses SSL. The attacker can then gather sensitive data stored in those cookies.
upvoted 3 times
...
...
...
Johnny34
Most Recent 1 year, 2 months ago
Can anyone explain why the ASP.net cookie is bad?
upvoted 4 times
...
Caoilfhion
1 year, 3 months ago
Heads up: THIS question was asking the test taker to remediate the MOST vulnerable thing. Comptia has deemed the certificate as the most vulnerable thing. HOWEVER, watch the wording because some students have reported being asked to remediate all 3! Good luck, guys!
upvoted 6 times
...
user548
1 year, 5 months ago
#remediatecertificate Step 1: Generate Certificate Signing Request Step 2: Submit CSR to the CA - Step 3: Install re-issued certificate on the server Step 4: Remove certificate from the server
upvoted 5 times
user548
1 year, 5 months ago
#remediatesource LINE 6-9 The CSRF token is embedded in the HTML code. While not necessarily a vulnerability on its own, the way it is used in the code can potentially lead to security issues if not handled properly. LINE 10-12 The script tag is inserted within the select element. This allows for potential injection of arbitrary JavaScript code, which can be a security vulnerability XSS. LINE 14 The action attribute of the form element is populated with data from the server without proper escaping or validation. Depending on how the server handles this input, it might be a potential vulnerability. Line 20-26 The code contains multiple instances of input elements where the value attribute is populated with data from the server without proper escaping or validation. This can be a security risk if the data is not sanitized and validated correctly.
upvoted 5 times
user548
1 year, 5 months ago
#remediatecookies | Order | HTTP | SECURE | SameSite | |---|---|---|---| | 1 | False | True | True | | 2 | False | False | False | | 3 | False | False | False | | 4 | False | False | False | | 5 | False | False | False | | 6 | False | False | False | | 7 | False | False | False | | 8 | False | False | False | | 9 | False | False | False |
upvoted 3 times
JoseAju
1 week, 1 day ago
Hi, how do we tackle this part. True means tick the box? False leave it blank?
upvoted 1 times
...
...
...
...
OnA_Mule
1 year, 10 months ago
The way this question is worded, it seems to have 2 parts. Part 1: Which is the highest vulnerability? Part 2: Remediate the vulnerability. For Part 1, everyone is assuming the expired certificate is the greater vulnerability, but I think having admin credentials in the source code of the web page is a much greater vulnerability than an expired certificate. The expired cert is definitely bad, but giving out admin credentials is so much worse. So getting rid of the commented admin and password lines should be the remediation. If you think a certificate is more important than admin rights to the website, by all means, choose this option, but I'll be going with the more severe vulnerability.
upvoted 1 times
Caoilfhion
1 year, 3 months ago
I agree with you, only because it feels like everyone and their mother knows to "inspect" to find that kind of stuff, even nontechie people. But unfortunately, CompTia has deemed the certificate the main problem. Taking this exam for my college degree, and the professor went over this PBQ with a "don't get tripped up here, they're just looking for the cert". It's the only PBQ directly from the exam he went over because of how much people trip up on this one, fixing all 3 or the "wrong" one :\
upvoted 4 times
...
...
AaronS1990
1 year, 11 months ago
Surely the Secure system box needs some input too? It looks to me as though there are checkboxes on the solution picture but nothing is ticked
upvoted 1 times
...
Frog_Man
2 years ago
Note, there are 3 distinct labs here. Look at question #168 for the full display. People are only answering the first part.
upvoted 1 times
...
2Fish
2 years, 1 month ago
Step 1 - Generate a Certificate Signing Request Step 2 - Submit CSR to the CA Step 3 - Install re-issued certificate on the server Step 4 - Remove Certificate from Server https://www.examtopics.com/discussions/comptia/view/53668-exam-pt0-001-topic-1-question-142-discussion/
upvoted 6 times
...
Sborrainculo
2 years, 2 months ago
There is a misalagment between what you guys suggest in step 3 - 4 and the suggested answer. Step 3 Install Step 4 Remove. But it makes sense to do the opposite: remove the certificate first then install the new one
upvoted 2 times
boxv4
1 year, 6 months ago
You remove last. I've had to update CA signed certs and what we do is technically replace the file itself, but what gets updated is the cacerts file which contains the details of the loaded cert file that is either in p7b format or cer file. The removal part is optional for when we do it, as we remove the files as necessary or just keep them in place with a name .old to keep a historical track of the times we've updated the certificates.
upvoted 2 times
...
Caoilfhion
1 year, 3 months ago
You don't remove an old cert before installing the new one, because you will close your connection unexpectedly and lock yourself out. Cert removal is last, if at all...
upvoted 1 times
...
...
ryanzou
2 years, 5 months ago
Step 1 - Generate a Certificate Signing Request Step 2 - Submit CSR to the CA Step 3 - Install re-issued certificate on the server Step 4 - Remove Certificate from Server
upvoted 6 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago