Pass Authentic CompTIA PT0-002 with Free Practice Tests and Exam Dumps
New PT0-002 Exam Questions Real CompTIA Dumps
To prepare for the PT0-002 exam, candidates can take advantage of various resources offered by CompTIA, including study guides, practice exams, and e-learning courses. There are also third-party training providers that offer instructor-led and self-paced courses that cover the exam objectives in detail. The recommended prerequisites for the exam include the CompTIA Network+ and Security+ certifications, as well as experience in networking, vulnerability assessment, and ethical hacking.
The CompTIA PT0-002 certification exam covers various topics related to penetration testing, such as planning and scoping; information gathering and vulnerability identification; attacks, exploitation, and post-exploitation techniques; and reporting and communication skills. The PT0-002 exam also tests the candidate's knowledge of legal and regulatory compliance requirements, standards, and ethical considerations. The CompTIA PenTest+ certification exam is vendor-neutral, which means it is not limited to a particular software or hardware vendor. Successful completion of the exam indicates that the candidate possesses the skills and knowledge required to conduct a successful penetration test.
The PT0-002 exam is intended for candidates who have deep knowledge and understanding of penetration testing concepts and methodologies, including network, web application, wireless, social engineering, and other related security topics. The PT0-002 exam validates the candidate's ability to perform penetration testing activities ethically and effectively, and to deliver actionable recommendations to clients based on their findings.
NEW QUESTION # 54
A penetration tester conducted an assessment on a web server. The logs from this session show the following:
http://www.thecompanydomain.com/servicestatus.php?serviceID=892&serviceID=892 ' ; DROP TABLE SERVICES; --
Which of the following attacks is being attempted?
- A. Cross-site scripting
- B. Session hijacking
- C. Cookie hijacking
- D. Parameter pollution
- E. Clickjacking
Answer: D
NEW QUESTION # 55
Which of the following should be included in scope documentation?
- A. Disclaimer
- B. Tester experience
- C. Number of tests
- D. Service accounts
Answer: A
Explanation:
A disclaimer is a statement that limits the liability of the penetration tester and the client in case of any unintended consequences or damages caused by the testing activities. It should be included in the scope documentation to clarify the roles and responsibilities of both parties and to avoid any legal disputes or misunderstandings. Service accounts, tester experience, and number of tests are not essential elements of the scope documentation, although they may be relevant for other aspects of the penetration testing process. References: The Official CompTIA PenTest+ Study Guide (Exam PT0-002), Chapter 1: Planning and Scoping Penetration Tests; The Official CompTIA PenTest+ Student Guide (Exam PT0-002), Lesson 1: Planning and Scoping Penetration Tests; What is the Scope of a Penetration Test?
NEW QUESTION # 56
After gaining access to a previous system, a penetration tester runs an Nmap scan against a network with the following results:
The tester then runs the following command from the previously exploited system, which fails:
Which of the following explains the reason why the command failed?
- A. The command requires the -port 135 option.
- B. The tester input the incorrect IP address.
- C. An account for RDP does not exist on the server.
- D. PowerShell requires administrative privilege.
Answer: C
NEW QUESTION # 57
A penetration tester receives the following results from an Nmap scan:
Which of the following OSs is the target MOST likely running?
- A. CentOS
- B. Arch Linux
- C. Windows Server
- D. Ubuntu
Answer: C
NEW QUESTION # 58
A penetration tester finds a PHP script used by a web application in an unprotected internal source code repository. After reviewing the code, the tester identifies the following:
Which of the following tools will help the tester prepare an attack for this scenario?
- A. Netcat and cURL
- B. Nmap and OWASP ZAP
- C. Hydra and crunch
- D. Burp Suite and DIRB
Answer: A
Explanation:
Netcat and cURL are tools that will help the tester prepare an attack for this scenario, as they can be used to establish a TCP connection, send payloads, and receive responses from the target web server. Netcat is a versatile tool that can create TCP or UDP connections and transfer data between hosts. cURL is a tool that can transfer data using various protocols, such as HTTP, FTP, SMTP, etc. The tester can use these tools to exploit the PHP script that executes shell commands with the value of the "item" variable.
NEW QUESTION # 59
A penetration tester is testing a new API for the company's existing services and is preparing the following script:
Which of the following would the test discover?
- A. Listening web servers in a domain
- B. Open web ports on a host
- C. Supported HTTP methods
- D. Default web configurations
Answer: C
Explanation:
The script is using the requests library to send an OPTIONS request to the API endpoint, which returns a list of supported HTTP methods for that resource. This can help the penetration tester to identify potential attack vectors or vulnerabilities based on the methods allowed.
NEW QUESTION # 60
A penetration tester conducted a discovery scan that generated the following:
Which of the following commands generated the results above and will transform them into a list of active hosts for further analysis?
- A. nmap -o 192.168.0.1-254, cut -f 2
- B. nmap -oG list.txt 192.168.0.1-254 , sort
- C. nmap --open 192.168.0.1-254, uniq
- D. nmap -sn 192.168.0.1-254, grep "Nmap scan" | awk '{print $5}'
Answer: D
Explanation:
The Nmap flag -sn performs host discovery and produces that kind of Nmap output, and the awk command selects column 5 ({print $5}), which carries the IP address of each discovered host in the Nmap output.
This command will generate the results shown in the image and transform them into a list of active hosts for further analysis. The command consists of three parts:
- nmap -sn 192.168.0.1-254: This part uses nmap, a network scanning tool, to perform a host discovery (ping) scan (-sn) on the IP range 192.168.0.1-254, sending ICMP echo requests and similar discovery probes to each IP address and checking whether it responds, without scanning ports.
- grep "Nmap scan": This part uses grep, a text filtering tool, to search for the string "Nmap scan" in the output of the previous part and display only the matching lines. This filters out the lines that show the start and end of the scan and keeps only the "Nmap scan report for" lines that identify each live host.
- awk '{print $5}': This part uses awk, a text processing tool, to print the fifth field ($5) of each line in the output of the previous part. This extracts only the IP address from each "Nmap scan report for" line and displays the addresses as a list.
The final output will look something like this:
192.168.0.1
192.168.0.12
192.168.0.17
192.168.0.34
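The pipeline above, run here against a constructed sample of Nmap host discovery output so it executes offline, as an added example that is not part of the exam item or of Nmap's own documentation. It also shows the caveat a practitioner hits in practice: when Nmap resolves a reverse DNS name, field 5 of the "Nmap scan report for" line is the hostname and the IP address moves into parentheses as field 6, so the naive `awk '{print $5}'` prints a name instead of an address for that host. The `ip_hosts` function below is an assumed hardened variant that always yields the address; the hostname `fileserver.example.local` and the timings are constructed values.

```shell
#!/bin/sh
# Added example: turn "nmap -sn" discovery output into a list of live hosts.
# The text below is constructed to mimic an Nmap host discovery run; no scan is performed.
NMAP_OUTPUT='Starting Nmap 7.94 ( https://nmap.org ) at 2024-01-01 10:00 UTC
Nmap scan report for 192.168.0.1
Host is up (0.0010s latency).
Nmap scan report for fileserver.example.local (192.168.0.12)
Host is up (0.0020s latency).
Nmap scan report for 192.168.0.17
Host is up (0.0015s latency).
Nmap scan report for 192.168.0.34
Host is up (0.0030s latency).
Nmap done: 254 IP addresses (4 hosts up) scanned in 5.02 seconds'

# The exact pipeline from the question: keep the "Nmap scan report" lines, print field 5.
# For the host with a resolved reverse DNS name this prints the hostname, not the IP.
naive_hosts() {
    printf '%s\n' "$NMAP_OUTPUT" | grep "Nmap scan" | awk '{print $5}'
}

# Hardened variant (assumed, not from the exam item): the IP address is always the last
# field of a report line, wrapped in parentheses when a hostname precedes it, so take
# $NF and strip the parentheses.
ip_hosts() {
    printf '%s\n' "$NMAP_OUTPUT" \
        | awk '/^Nmap scan report for/ { ip = $NF; gsub(/[()]/, "", ip); print ip }'
}

# Number of live hosts, useful to cross-check against the "hosts up" summary line.
live_count() {
    ip_hosts | wc -l | tr -d ' '
}

echo "Field 5 only (breaks on resolved hostnames):"
naive_hosts
echo "IP addresses regardless of reverse DNS:"
ip_hosts
```

Feeding the resulting address list into an inventory or ticketing system rather than a follow-up scan is the defender's use of the same pipeline: comparing it against the asset register shows which responding hosts are unknown and need to be accounted for.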
NEW QUESTION # 61
A penetration tester performs the following command:
curl -I --http2 https://www.comptia.org
Which of the following snippets of output will the tester MOST likely receive?
- A. Option C
- B. Option B
- C. Option A
- D. Option D
Answer: C
NEW QUESTION # 62
A penetration tester has been hired to examine a website for flaws. During one of the time windows for testing, a network engineer notices a flood of GET requests to the web server, reducing the website's response time by 80%. The network engineer contacts the penetration tester to determine if these GET requests are part of the test. Which of the following BEST describes the purpose of checking with the penetration tester?
- A. Rescheduling
- B. DDoS defense
- C. Deconfliction
- D. Situational awareness
Answer: C
Explanation:
https://redteam.guide/docs/definitions/
Deconfliction is the process of coordinating activities and communicating information to avoid interference, confusion, or conflict among different parties involved in an operation. The network engineer contacted the penetration tester to check if the GET requests were part of the test, and to avoid any potential misunderstanding or disruption of the test or the website. The other options are not related to the purpose of checking with the penetration tester.
NEW QUESTION # 63
A penetration tester downloaded a Java application file from a compromised web server and identified how to invoke it by looking at the following log:
Which of the following is the order of steps the penetration tester needs to follow to validate whether the Java application uses encryption over sockets?
- A. Start a packet capture with Wireshark and then run the application.
- B. Run the application attached to a debugger and then review the application's log.
- C. Run an application vulnerability scan and then identify the TCP ports used by the application.
- D. Disassemble the binary code and then identify the break points.
Answer: A
NEW QUESTION # 64
For a penetration test engagement, a security engineer decides to impersonate the IT help desk. The security engineer sends a phishing email containing an urgent request for users to change their passwords and a link to https://example.com/index.html. The engineer has designed the attack so that once the users enter the credentials, the index.html page takes the credentials and then forwards them to another server that the security engineer is controlling. Given the following information:
Which of the following lines of code should the security engineer add to make the attack successful?
- A. geturlparameter ('username')
- B. window.location.= 'https://evilcorp.com'
- C. crossDomain: true
- D. redirectUrl = 'https://example.com'
Answer: C
NEW QUESTION # 65
A penetration tester wants to scan a target network without being detected by the client's IDS. Which of the following scans is MOST likely to avoid detection?
- A. nmap -sA -sV --host-timeout 60 192.168.1.10
- B. nmap -f --badsum 192.168.1.10
- C. nmap -A -n 192.168.1.10
- D. nmap -p0 -T0 -sS 192.168.1.10
Answer: B
Explanation:
The nmap -f --badsum 192.168.1.10 command is most likely to avoid detection by the client's IDS, as it will use two techniques to evade IDS signatures or filters. The -f option will fragment the IP packets into smaller pieces that might bypass some IDS rules or firewalls. The --badsum option will use an invalid checksum in the TCP or UDP header that might cause some IDS systems to ignore the packets.
NEW QUESTION # 66
A penetration tester is conducting an assessment on 192.168.1.112. Given the following output:
Which of the following is the penetration tester conducting?
- A. Brute force
- B. Port scan
- C. Credential stuffing
- D. DoS attack
Answer: A
Explanation:
The output shows multiple login attempts with different passwords for the same username "root" on the IP address 192.168.1.112. This is indicative of a brute force attack, where an attacker systematically tries various password combinations to gain unauthorized access. References: The Official CompTIA PenTest+ Study Guide (Exam PT0-002), Chapter 4: Conducting Passive Reconnaissance; The Official CompTIA PenTest+ Student Guide (Exam PT0-002), Lesson 4: Conducting Active Reconnaissance.
NEW QUESTION # 67
A mail service company has hired a penetration tester to conduct an enumeration of all user accounts on an SMTP server to identify whether previous staff member accounts are still active. Which of the following commands should be used to accomplish the goal?
- A. VRFY and EXPN
- B. EXPN and TURN
- C. RCPT TO and VRFY
- D. VRFY and TURN
Answer: A
Explanation:
The VRFY and EXPN commands can be used to enumerate user accounts on an SMTP server, as they are used to verify the existence of users or mailing lists. VRFY (verify) asks the server to confirm that a given user name or address is valid. EXPN (expand) asks the server to expand a mailing list into its individual members. These commands can be used by a penetration tester to identify valid user names or e-mail addresses on the target SMTP server.
Reference: https://hackerone.com/reports/193314
NEW QUESTION # 69
A large client wants a penetration tester to scan for devices within its network that are Internet facing. The client is specifically looking for Cisco devices with no authentication requirements. Which of the following settings in Shodan would meet the client's requirements?
- A. "cisco-ios" "default-passwords"
- B. "cisco-ios" "last-modified"
- C. "cisco-ios" "admin+1234"
- D. "cisco-ios" "no-password"
Answer: D
NEW QUESTION # 70
A penetration tester is conducting a penetration test and discovers a vulnerability on a web server that is owned by the client. Exploiting the vulnerability allows the tester to open a reverse shell. Enumerating the server for privilege escalation, the tester discovers the following:
Which of the following should the penetration tester do NEXT?
- A. Contact the client immediately.
- B. Note this finding for inclusion in the final report.
- C. Close the reverse shell the tester is using.
- D. Investigate the high numbered port connections.
Answer: D
Explanation:
The image shows the output of the netstat -antu command, which displays active internet connections for the TCP and UDP protocols. The output shows that there are four established TCP connections and two listening UDP connections on the host. The established TCP connections have high numbered ports as their local addresses, such as 49152, 49153, 49154, and 49155. These ports are in the range of ephemeral ports, which are dynamically assigned by the operating system for temporary use by applications or processes. The foreign addresses of these connections are also high numbered ports, such as 4433, 4434, 4435, and 4436. These ports are not well-known or registered ports for any common service or protocol. The combination of high numbered ports for both local and foreign addresses suggests that these connections are suspicious and may indicate a backdoor or a covert channel on the host. Therefore, the penetration tester should investigate these connections next to determine their nature and purpose. The other options are not appropriate actions for the penetration tester at this stage.
NEW QUESTION # 71
A penetration tester utilized Nmap to scan host 64.13.134.52 and received the following results:
Based on the output, which of the following services are MOST likely to be exploited? (Choose two.)
- A. NTP
- B. SNMP
- C. SMTP
- D. DNS
- E. Telnet
- F. HTTP
Answer: D,F
NEW QUESTION # 72