Summer Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: buysanta

Exact2Pass Menu

CompTIA PenTest+ Certification Exam

Last Update 15 hours ago Total Questions : 464

The CompTIA PenTest+ Certification Exam content is now fully updated, with all current exam questions added 15 hours ago. Deciding to include PT0-002 practice exam questions in your study plan goes far beyond basic test preparation.

You'll find that our PT0-002 exam questions frequently feature detailed scenarios and practical problem-solving exercises that directly mirror industry challenges. Engaging with these PT0-002 sample sets allows you to effectively manage your time and pace yourself, giving you the ability to finish any CompTIA PenTest+ Certification Exam practice test comfortably within the allotted time.

Question # 61

While performing the scanning phase of a penetration test, the penetration tester runs the following command:

........v -sV -p- 10.10.10.23-28

....ip scan is finished, the penetration tester notices all hosts seem to be down. Which of the following options should the penetration tester try next?

A.

-su

B.

-pn

C.

-sn

D.

-ss

Question # 62

During enumeration, a red team discovered that an external web server was frequented by employees. After compromising the server, which of the following attacks would best support ------------company systems?

A.

Aside-channel attack

B.

A command injection attack

C.

A watering-hole attack

D.

A cross-site scripting attack

Question # 63

After gaining access to a previous system, a penetration tester runs an Nmap scan against a network with the following results:

The tester then runs the following command from the previous exploited system, which fails:

Which of the following explains the reason why the command failed?

A.

The tester input the incorrect IP address.

B.

The command requires the ג -port 135 option.

C.

An account for RDP does not exist on the server.

D.

PowerShell requires administrative privilege.

Question # 64

A penetration tester is testing a company ' s public API and discovers that specific input allows the execution of arbitrary commands on the base operating system. Which of the following actions should the penetration tester take next?

A.

Include the findings in the final report.

B.

Notify the client immediately.

C.

Document which commands can be executed.

D.

Use this feature to further compromise the server.

Question # 65

After successfully compromising a remote host, a security consultant notices an endpoint protection software is running on the host. Which of the following commands would be

best for the consultant to use to terminate the protection software and its child processes?

A.

taskkill /PID < PID > /T /F

B.

taskkill /PID < PID > /IM /F

C.

taskkill /PID < PID > /S /U

D.

taskkill /PID < PID > /F /P

Question # 66

After obtaining a reverse shell connection, a penetration tester runs the following command: www-data@server!2:sudo -1

User www-data may run the following commands on serverl2: (root) NOPASSWD: /usr/bin/vi

Which of the following is the fastest way to escalate privileges on this server?

A.

Editing the file /etc/passwd to add a new user with uid 0

B.

Creating a Bash script, saving it on the /tmp folder, and then running it

C.

Executing the command sudo vi -c ' Jbash '

D.

Editing the file/etc/sudoers to allow any command

Question # 67

Which of the following is the most important to include in the scope of a wireless security assessment?

A.

Frequencies

B.

APs

C.

SSIDs

D.

Signal strengths

Question # 68
A.

Tailgating

B.

Spear phishing

C.

Whaling

D.

Email phishing

Question # 69

A penetration tester is conducting a test after hours and notices a critical system was taken down. Which of the following contacts should be notified first?

A.

Secondary

B.

Emergency

C.

Technical

D.

Primary

Question # 70

A penetration tester has compromised a customer ' s internal network, gaining access to a file server that hosts email server backups. Which of the following is the best tool to assist with data exfiltration?

A.

SFTP

B.

Nmap

C.

Netcat

D.

SCP

Go to page: