Summer Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: buysanta

Exact2Pass Menu

CompTIA PenTest+ Certification Exam

Last Update 16 hours ago Total Questions : 464

The CompTIA PenTest+ Certification Exam content is now fully updated, with all current exam questions added 16 hours ago. Deciding to include PT0-002 practice exam questions in your study plan goes far beyond basic test preparation.

You'll find that our PT0-002 exam questions frequently feature detailed scenarios and practical problem-solving exercises that directly mirror industry challenges. Engaging with these PT0-002 sample sets allows you to effectively manage your time and pace yourself, giving you the ability to finish any CompTIA PenTest+ Certification Exam practice test comfortably within the allotted time.

Question # 91

A penetration tester exploited a vulnerability on a server and remotely ran a payload to gain a shell. However, a connection was not established, and no errors were shown on the payload execution. The penetration tester suspected that a network device, like an IPS or next-generation firewall, was dropping the connection. Which of the following payloads are MOST likely to establish a shell successfully?

A.

windows/x64/meterpreter/reverse_tcp

B.

windows/x64/meterpreter/reverse_http

C.

windows/x64/shell_reverse_tcp

D.

windows/x64/powershell_reverse_tcp

E.

windows/x64/meterpreter/reverse_https

Question # 92

A penetration tester wants to find hidden information in documents available on the web at a particular domain. Which of the following should the penetration tester use?

A.

Netcraft

B.

CentralOps

C.

Responder

D.

FOCA

Question # 93

In Python socket programming, SOCK_DGRAM type is:

A.

reliable.

B.

matrixed.

C.

connectionless.

D.

slower.

Question # 94
A.

Executive summary

B.

Testing methodology overview

C.

Attestation of findings

D.

Remediation plan

Question # 95

Which of the following best explains why a penetration tester would use ProxyChains during an assessment?

A.

To harvest credentials

B.

To use remote access tools

C.

To fingerprint the organization

D.

To automate protocols

Question # 96

A penetration tester requested, without express authorization, that a CVE number be assigned for a new vulnerability found on an internal client application. Which of the following did the penetration tester most likely breach?

A.

ROE

B.

SLA

C.

NDA

D.

SOW

Question # 97
A.

Dynamic binary

B.

Dynamic libraries

C.

Static compilation

D.

Shared objects

Question # 98

A company recently moved its software development architecture from VMs to containers. The company has asked a penetration tester to determine if the new containers are configured correctly against a DDoS attack. Which of the following should a tester perform first?

A.

Test the strength of the encryption settings.

B.

Determine if security tokens are easily available.

C.

Perform a vulnerability check against the hypervisor.

D.

.Scan the containers for open ports.

Question # 99

Which of the following situations would require a penetration tester to notify the emergency contact for the engagement?

A.

The team exploits a critical server within the organization.

B.

The team exfiltrates PII or credit card data from the organization.

C.

The team loses access to the network remotely.

D.

The team discovers another actor on a system on the network.

Question # 100

Which of the following is a regulatory compliance standard that focuses on user privacy by implementing the right to be forgotten?

A.

NIST SP 800-53

B.

ISO 27001

C.

GDPR

Go to page: