Summer Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: buysanta

Exact2Pass Menu

CompTIA PenTest+ Certification Exam

Last Update 15 hours ago Total Questions : 464

The CompTIA PenTest+ Certification Exam content is now fully updated, with all current exam questions added 15 hours ago. Deciding to include PT0-002 practice exam questions in your study plan goes far beyond basic test preparation.

You'll find that our PT0-002 exam questions frequently feature detailed scenarios and practical problem-solving exercises that directly mirror industry challenges. Engaging with these PT0-002 sample sets allows you to effectively manage your time and pace yourself, giving you the ability to finish any CompTIA PenTest+ Certification Exam practice test comfortably within the allotted time.

Question # 21
A.

Configure to stop broadcasting the SSID

B.

Using directional antennas

C.

Using WEP encryption

D.

Disabling Wi-Fi

Question # 22

bash

Copy code

for ip in $(seq 1 254);

do echo $(echo " 192.168.15.$ip " ) $(host 192.168.15.$ip dns.company.com | grep " domain name pointer " )

done | grep " domain name pointer " | cut -d " " -f1,6

Which of the following best explains the purpose of this script?

A.

To query the DNS for IP addresses and corresponding hostnames in a subnet

B.

To output a list of all IP addresses in a subnet for later scanning

C.

To ping every IP address in a subnet to discover live hosts

D.

To search for DNS servers among the IP addresses in a subnet

Question # 23

PCI DSS requires which of the following as part of the penetration-testing process?

A.

The penetration tester must have cybersecurity certifications.

B.

The network must be segmented.

C.

Only externally facing systems should be tested.

D.

The assessment must be performed during non-working hours.

Question # 24

A software company has hired a penetration tester to perform a penetration test on a database server. The tester has been given a variety of tools used by the company’s privacy policy. Which of the following would be the BEST to use to find vulnerabilities on this server?

A.

OpenVAS

B.

Nikto

C.

SQLmap

D.

Nessus

Question # 25

A penetration tester completed an assessment, removed all artifacts and accounts created during the test, and presented the findings to the client. Which of the following happens NEXT?

A.

The penetration tester conducts a retest.

B.

The penetration tester deletes all scripts from the client machines.

C.

The client applies patches to the systems.

D.

The client clears system logs generated during the test.

Question # 26

A penetration tester has gained access to part of an internal network and wants to exploit on a different network segment. Using Scapy, the tester runs the following command:

Which of the following represents what the penetration tester is attempting to accomplish?

A.

DNS cache poisoning

B.

MAC spoofing

C.

ARP poisoning

D.

Double-tagging attack

Question # 27

A red-team tester has been contracted to emulate the threat posed by a malicious insider on a company’s network, with the constrained objective of gaining access to sensitive personnel files. During the assessment, the red-team tester identifies an artifact indicating possible prior compromise within the target environment.

Which of the following actions should the tester take?

A.

Perform forensic analysis to isolate the means of compromise and determine attribution.

B.

Incorporate the newly identified method of compromise into the red team’s approach.

C.

Create a detailed document of findings before continuing with the assessment.

D.

Halt the assessment and follow the reporting procedures as outlined in the contract.

Question # 28

A penetration tester runs the unshadow command on a machine. Which of the following tools will the tester most likely use NEXT?

A.

John the Ripper

B.

Hydra

C.

Mimikatz

D.

Cain and Abel

Question # 29

A penetration tester has established an on-path attack position and must now specially craft a DNS query response to be sent back to a target host. Which of the following utilities would BEST support this objective?

A.

Socat

B.

tcpdump

C.

Scapy

D.

dig

Question # 30

A penetration tester performs the following command:

curl –I –http2 https://www.comptia.org

Which of the following snippets of output will the tester MOST likely receive?

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Go to page: