ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam PT1-002 All Questions

View all questions & answers for the PT1-002 exam
Go to Exam

Exam PT1-002 topic 1 question 43 discussion

Actual exam question from CompTIA's PT1-002
Question #: 43
Topic #: 1
[All PT1-002 Questions]

A software development team is concerned that a new product's 64-bit Windows binaries can be deconstructed to the underlying code. Which of the following tools can a penetration tester utilize to help the team gauge what an attacker might see in the binaries?

  • A. Immunity Debugger
  • B. OllyDbg
  • C. GDB
  • D. Drozer
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by BinarySoldier at Nov. 24, 2021, 5:55 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
yeti87
1 year, 3 months ago
Selected Answer: C
Immunity is for python OllyDbg can only do 32bit windows GDB can do 64bit windows Drozer is for mobile Therefore its C. GDB
upvoted 1 times
...
Anarckii
2 years, 1 month ago
Selected Answer: B
I was confused on this at first and chose C: GDB, but looking at CompTIA Pentest+ for Dummies I found this: GDB (a Linux debugger),and WinDbg (a Windows debugger). I feel this is where CompTIA is trying to confuse us since the question is talking about Windows. So it can't be GDB. B. OllyDbg: A debugger you can use when you do not have the source code available.
upvoted 1 times
Anarckii
2 years, 1 month ago
Actually correction A. Immunity Debugger would be the recommended choice between the two tools for helping the team gauge what an attacker might see in the binaries. Olly has not been updated for some time and cannot disassemble binaries compiled for 64-bit processors
upvoted 2 times
...
...
lifehacker0777
2 years, 3 months ago
Selected Answer: C
Immunity Debugger and Olly Debugger does not have a 64bit debugger and Drozer is for android. If "X64dbg" was here as an answer, it will be the answer for sure, but since its not here, going with GNU GDB.
upvoted 2 times
...
ronniehaang
2 years, 6 months ago
Selected Answer: B
OllyDbg is a Windows debugger that works on binary code at the assembly language level. Immunity Debugger is designed specifically to support penetration testing and the reverse engineering of malware. GDB is a widely used open source debugger for Linux that works with a variety of programming languages. Drozer is a security audit and attack framework for Android devices and apps.
upvoted 4 times
...
am2005
3 years, 3 months ago
Answer Is B Versiоn 2.0 wаs releаsed in June 2010, аnd ОllyDbg hаs been rewritten frоm the grоund uр in this releаse.
upvoted 3 times
TheITStudent
2 years, 11 months ago
" Version 2.0 was released in June 2010, and OllyDbg has been rewritten from the ground up in this release. Although the current version of OllyDbg cannot disassemble binaries compiled for 64-bit processors, a 64-bit version of the debugger has been promised.[1]" Wrong, answer is not B https://www.ollydbg.de/odbg64.html
upvoted 1 times
...
...
Adonist
3 years, 3 months ago
Selected Answer: C
From the options given, GDB is the only one that does 64 bit
upvoted 4 times
some_specialist
3 years, 3 months ago
But it says Windows, not GNU.
upvoted 1 times
Adonist
3 years, 2 months ago
GNU is not an operating system. Also if you look at their documentation it says:"Those programs might be executing on the same machine as GDB (native), on another machine (remote), or on a simulator. GDB can run on most popular UNIX and Microsoft Windows variants, as well as on Mac OS X."
upvoted 4 times
...
...
...
Davar39
3 years, 6 months ago
Both are pretty similar, I will go with B based on the below link. https://stackoverflow.com/questions/273145/is-it-possible-to-decompile-a-windows-exe-or-at-least-view-the-assembly
upvoted 3 times
...
BinarySoldier
3 years, 7 months ago
With the options given, B is the best answer.
upvoted 4 times
rogal
3 years, 7 months ago
Although the current version of OllyDbg cannot disassemble binaries compiled for 64-bit processors, a 64-bit version of the debugger has been promised. I'm thinking about A.
upvoted 3 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel