New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

PDF PT0-002 Study Guide

Page: 28 / 32
Question 112

A penetration tester breaks into a company's office building and discovers the company does not have a shredding service. Which of the following attacks should the penetration tester try next?

Options:

A.

Dumpster diving

B.

Phishing

C.

Shoulder surfing

D.

Tailgating

Question 113

During a penetration test, a tester is able to change values in the URL from example.com/login.php?id=5 to example.com/login.php?id=10 and gain access to a web application. Which of the following vulnerabilities has the penetration tester exploited?

Options:

A.

Command injection

B.

Broken authentication

C.

Direct object reference

D.

Cross-site scripting

Question 114

A penetration tester, who is doing an assessment, discovers an administrator has been exfiltrating proprietary company information. The administrator offers to pay the tester to keep quiet. Which of the following is the BEST action for the tester to take?

Options:

A.

Check the scoping document to determine if exfiltration is within scope.

B.

Stop the penetration test.

C.

Escalate the issue.

D.

Include the discovery and interaction in the daily report.

Question 115

During enumeration, a red team discovered that an external web server was frequented by employees. After compromising the server, which of the following attacks would best support ------------company systems?

Options:

A.

Aside-channel attack

B.

A command injection attack

C.

A watering-hole attack

D.

A cross-site scripting attack

Page: 28 / 32
Exam Code: PT0-002
Exam Name: CompTIA PenTest+ Certification Exam
Last Update: Jan 6, 2025
Questions: 445
PT0-002 pdf

PT0-002 PDF

$25.5  $84.99
PT0-002 Engine

PT0-002 Testing Engine

$28.5  $94.99
PT0-002 PDF + Engine

PT0-002 PDF + Testing Engine

$40.5  $134.99