Summer Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: buysanta

Exact2Pass Menu

CompTIA PenTest+ Certification Exam

Last Update 16 hours ago Total Questions : 464

The CompTIA PenTest+ Certification Exam content is now fully updated, with all current exam questions added 16 hours ago. Deciding to include PT0-002 practice exam questions in your study plan goes far beyond basic test preparation.

You'll find that our PT0-002 exam questions frequently feature detailed scenarios and practical problem-solving exercises that directly mirror industry challenges. Engaging with these PT0-002 sample sets allows you to effectively manage your time and pace yourself, giving you the ability to finish any CompTIA PenTest+ Certification Exam practice test comfortably within the allotted time.

Question # 111

During an assessment, a penetration tester found a suspicious script that could indicate a prior compromise. While reading the script, the penetration tester noticed the following lines of code:

Which of the following was the script author trying to do?

A.

Spawn a local shell.

B.

Disable NIC.

C.

List processes.

D.

Change the MAC address

Question # 112

A penetration tester breaks into a company ' s office building and discovers the company does not have a shredding service. Which of the following attacks should the penetration tester try next?

A.

Dumpster diving

B.

Phishing

C.

Shoulder surfing

D.

Tailgating

Question # 113

A penetration tester has gained access to the Chief Executive Officer ' s (CEO ' s) internal, corporate email. The next objective is to gain access to the network.

Which of the following methods will MOST likely work?

A.

Try to obtain the private key used for S/MIME from the CEO ' s account.

B.

Send an email from the CEO ' s account, requesting a new account.

C.

Move laterally from the mail server to the domain controller.

D.

Attempt to escalate privileges on the mail server to gain root access.

Question # 114

Penetration tester has discovered an unknown Linux 64-bit executable binary. Which of the following tools would be BEST to use to analyze this issue?

A.

Peach

B.

WinDbg

C.

GDB

D.

OllyDbg

Question # 115

Which of the following is the most secure method for sending the penetration test report to the client?

A.

Sending the penetration test report on an online storage system.

B.

Sending the penetration test report inside a password-protected ZIP file.

C.

Sending the penetration test report via webmail using an HTTPS connection.

D.

Encrypting the penetration test report with the client’s public key and sending it via email.

Question # 116

A penetration tester is conducting a penetration test and discovers a vulnerability on a web server that is owned by the client. Exploiting the vulnerability allows the tester to open a reverse shell. Enumerating the server for privilege escalation, the tester discovers the following:

Which of the following should the penetration tester do NEXT?

A.

Close the reverse shell the tester is using.

B.

Note this finding for inclusion in the final report.

C.

Investigate the high numbered port connections.

D.

Contact the client immediately.

Question # 117

An organization wants to identify whether a less secure protocol is being utilized on a wireless network. Which of the following types of attacks will achieve this goal?

A.

Protocol negotiation

B.

Packet sniffing

C.

Four-way handshake

D.

Downgrade attack

Question # 118

A penetration tester was able to compromise a web server and move laterally into a Linux web server. The tester now wants to determine the identity of the last user who signed in to the web server. Which of the following log files will show this activity?

A.

/var/log/messages

B.

/var/log/last_user

C.

/var/log/user_log

D.

/var/log/lastlog

Question # 119

A penetration tester observes an application enforcing strict access controls. Which of the following would allow the tester to bypass these controls and successfully access the organization ' s sensitive files?

A.

Remote file inclusion

B.

Cross-site scripting

C.

SQL injection

D.

Insecure direct object references

Question # 120

Which of the following is the most important aspect to consider when calculating the price of a penetration test service for a client?

A.

Operating cost

B.

Required scope of work

C.

Non-disclosure agreement

D.

Client ' s budget

Go to page: