Summer Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: buysanta

Exact2Pass Menu

CompTIA PenTest+ Certification Exam

Last Update 15 hours ago Total Questions : 464

The CompTIA PenTest+ Certification Exam content is now fully updated, with all current exam questions added 15 hours ago. Deciding to include PT0-002 practice exam questions in your study plan goes far beyond basic test preparation.

You'll find that our PT0-002 exam questions frequently feature detailed scenarios and practical problem-solving exercises that directly mirror industry challenges. Engaging with these PT0-002 sample sets allows you to effectively manage your time and pace yourself, giving you the ability to finish any CompTIA PenTest+ Certification Exam practice test comfortably within the allotted time.

Question # 131

A penetration tester who is performing a physical assessment of a company’s security practices notices the company does not have any shredders inside the office building. Which of the following techniques would be BEST to use to gain confidential information?

A.

Badge cloning

B.

Dumpster diving

C.

Tailgating

D.

Shoulder surfing

Question # 132

In an unprotected network file repository, a penetration tester discovers a text file containing usernames and passwords in cleartext and a spreadsheet containing data for 50 employees, including full names, roles, and serial numbers. The tester realizes some of the passwords in the text file follow the format: < name- serial_number > . Which of the following would be the best action for the tester to take NEXT with this information?

A.

Create a custom password dictionary as preparation for password spray testing.

B.

Recommend using a password manage/vault instead of text files to store passwords securely.

C.

Recommend configuring password complexity rules in all the systems and applications.

D.

Document the unprotected file repository as a finding in the penetration-testing report.

Question # 133

A security engineer identified a new server on the network and wants to scan the host to determine if it is running an approved version of Linux and a patched version of Apache. Which of the following commands will accomplish this task?

A.

nmap –f –sV –p80 192.168.1.20

B.

nmap –sS –sL –p80 192.168.1.20

C.

nmap –A –T4 –p80 192.168.1.20

D.

nmap –O –v –p80 192.168.1.20

Question # 134

Which of the following documents describes specific activities, deliverables, and schedules for a penetration tester?

A.

NDA

B.

MSA

C.

SOW

D.

MOU

Question # 135

The results of an Nmap scan are as follows:

Which of the following would be the BEST conclusion about this device?

A.

This device may be vulnerable to the Heartbleed bug due to the way transactions over TCP/22 handle heartbeat extension packets, allowing attackers to obtain sensitive information from process memory.

B.

This device is most likely a gateway with in-band management services.

C.

This device is most likely a proxy server forwarding requests over TCP/443.

D.

This device may be vulnerable to remote code execution because of a butter overflow vulnerability in the method used to extract DNS names from packets prior to DNSSEC validation.

Question # 136

A penetration tester logs in as a user in the cloud environment of a company. Which of the following Pacu modules will enable the tester to determine the level of access of the existing user?

A.

iam_enum_permissions

B.

iam_privesc_scan

C.

iam_backdoor_assume_role

D.

iam_bruteforce_permissions

Question # 137

A penetration tester ran an Nmap scan on an Internet-facing network device with the –F option and found a few open ports. To further enumerate, the tester ran another scan using the following command:

nmap –O –A –sS –p- 100.100.100.50

Nmap returned that all 65,535 ports were filtered. Which of the following MOST likely occurred on the second scan?

A.

A firewall or IPS blocked the scan.

B.

The penetration tester used unsupported flags.

C.

The edge network device was disconnected.

D.

The scan returned ICMP echo replies.

Question # 138

A penetration tester wants to scan a target network without being detected by the client’s IDS. Which of the following scans is MOST likely to avoid detection?

A.

nmap –p0 –T0 –sS 192.168.1.10

B.

nmap –sA –sV --host-timeout 60 192.168.1.10

C.

nmap –f --badsum 192.168.1.10

D.

nmap –A –n 192.168.1.10

Question # 139

A company that requires minimal disruption to its daily activities needs a penetration tester to perform information gathering around the company’s web presence. Which of the following would the tester find MOST helpful in the initial information-gathering steps? (Choose two.)

A.

IP addresses and subdomains

B.

Zone transfers

C.

DNS forward and reverse lookups

D.

Internet search engines

E.

Externally facing open ports

F.

Shodan results

Go to page: