ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam PT0-001 All Questions

View all questions & answers for the PT0-001 exam
Go to Exam

Exam PT0-001 topic 1 question 33 discussion

Actual exam question from CompTIA's PT0-001
Question #: 33
Topic #: 1
[All PT0-001 Questions]

A company requested a penetration tester review the security of an in-house developed Android application. The penetration tester received an APK file to support the assessment. The penetration tester wants to run SAST on the APK file. Which of the following preparatory steps must the penetration tester do FIRST? (Select
TWO).

  • A. Convert to JAR.
  • B. Decompile.
  • C. Cross-compile the application.
  • D. Convert JAR files to DEX.
  • E. Re-sign the APK.
  • F. Attach to ADB.
Show Suggested Answer Hide Answer
Suggested Answer: AB 🗳️
by mr_robot at April 6, 2020, 3 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
ebot
Highly Voted 4 years, 11 months ago
Pretty sure A&B https://resources.infosecinstitute.com/hacking-java-applications-using-javasnoop/#gref
upvoted 10 times
...
mr_robot
Highly Voted 5 years, 1 month ago
A and B? https://stackoverflow.com/questions/12732882/reverse-engineering-from-an-apk-file-to-a-project https://reverseengineering.stackexchange.com/questions/2703/how-do-i-analyze-a-apk-file-and-understand-its-working
upvoted 8 times
who__cares123456789___
4 years, 3 months ago
Download dex2jar tool from dex2jar. Use the tool to convert the APK file to JAR: $ d2j-dex2jar.bat demo.apk dex2jar demo.apk -> ./demo-dex2jar.jar Once the JAR file is generated, use JD-GUI to open the JAR file. You will see the Java files.
upvoted 2 times
...
...
miabe
Most Recent 2 years, 10 months ago
Selected Answer: AB
looks good to me
upvoted 1 times
...
CapCrunch
3 years, 10 months ago
Think its A, B Decompile then convert .dex file to .jar Source: https://resources.infosecinstitute.com/topic/android-application-security-testing-guide-part-1/
upvoted 1 times
...
someguy1393
4 years, 5 months ago
I'm almost positive that it's A & B. Dex files must be converted to JAR first when decompiling. They make it confusing with option D but it's backwards.
upvoted 4 times
...
D1960
5 years ago
Maybe BF?
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel