Special Summer Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

PT0-002 Exam Dumps - CompTIA PenTest+ Questions and Answers

Question # 114

A client has requested that the penetration test scan include the following UDP services: SNMP, NetBIOS, and DNS. Which of the following Nmap commands will perform the scan?

Options:

A.

nmap –vv sUV –p 53, 123-159 10.10.1.20/24 –oA udpscan

B.

nmap –vv sUV –p 53,123,161-162 10.10.1.20/24 –oA udpscan

C.

nmap –vv sUV –p 53,137-139,161-162 10.10.1.20/24 –oA udpscan

D.

nmap –vv sUV –p 53, 122-123, 160-161 10.10.1.20/24 –oA udpscan

Buy Now
Question # 115

Which of the following BEST describes why a client would hold a lessons-learned meeting with the penetration-testing team?

Options:

A.

To provide feedback on the report structure and recommend improvements

B.

To discuss the findings and dispute any false positives

C.

To determine any processes that failed to meet expectations during the assessment

D.

To ensure the penetration-testing team destroys all company data that was gathered during the test

Buy Now
Question # 116

A penetration tester conducted a discovery scan that generated the following:

Which of the following commands generated the results above and will transform them into a list of active hosts for further analysis?

Options:

A.

nmap –oG list.txt 192.168.0.1-254 , sort

B.

nmap –sn 192.168.0.1-254 , grep “Nmap scan” | awk ‘{print S5}’

C.

nmap –-open 192.168.0.1-254, uniq

D.

nmap –o 192.168.0.1-254, cut –f 2

Buy Now
Question # 117

Which of the following expressions in Python increase a variable val by one (Choose two.)

Options:

A.

val++

B.

+val

C.

val=(val+1)

D.

++val

E.

val=val++

F.

val+=1

Buy Now
Question # 118

A company conducted a simulated phishing attack by sending its employees emails that included a link to a site that mimicked the corporate SSO portal. Eighty percent of the employees who received the email clicked the link and provided their corporate credentials on the fake site. Which of the following recommendations would BEST address this situation?

Options:

A.

Implement a recurring cybersecurity awareness education program for all users.

B.

Implement multifactor authentication on all corporate applications.

C.

Restrict employees from web navigation by defining a list of unapproved sites in the corporate proxy.

D.

Implement an email security gateway to block spam and malware from email communications.

Buy Now
Question # 119

A penetration tester has established an on-path attack position and must now specially craft a DNS query response to be sent back to a target host. Which of the following utilities would BEST support this objective?

Options:

A.

Socat

B.

tcpdump

C.

Scapy

D.

dig

Buy Now
Question # 120

A penetration tester is exploring a client’s website. The tester performs a curl command and obtains the following:

* Connected to 10.2.11.144 (::1) port 80 (#0)

> GET /readmine.html HTTP/1.1

> Host: 10.2.11.144

> User-Agent: curl/7.67.0

> Accept: */*

>

* Mark bundle as not supporting multiuse

< HTTP/1.1 200

< Date: Tue, 02 Feb 2021 21:46:47 GMT

< Server: Apache/2.4.41 (Debian)

< Content-Length: 317

< Content-Type: text/html; charset=iso-8859-1

<

WordPress › ReadMe

Which of the following tools would be BEST for the penetration tester to use to explore this site further?

Options:

A.

Burp Suite

B.

DirBuster

C.

WPScan

D.

OWASP ZAP

Buy Now
Question # 121

A consultant just performed a SYN scan of all the open ports on a remote host and now needs to remotely identify the type of services that are running on the host. Which of the following is an active reconnaissance tool that would be BEST to use to accomplish this task?

Options:

A.

tcpdump

B.

Snort

C.

Nmap

D.

Netstat

E.

Fuzzer

Buy Now
Question # 122

A penetration tester is working on a scoping document with a new client. The methodology the client uses includes the following:

    Pre-engagement interaction (scoping and ROE)

    Intelligence gathering (reconnaissance)

    Threat modeling

    Vulnerability analysis

    Exploitation and post exploitation

    Reporting

Which of the following methodologies does the client use?

Options:

A.

OWASP Web Security Testing Guide

B.

PTES technical guidelines

C.

NIST SP 800-115

D.

OSSTMM

Buy Now
Question # 123

A penetration tester has been hired to configure and conduct authenticated scans of all the servers on a software company’s network. Which of the following accounts should the tester use to return the MOST results?

Options:

A.

Root user

B.

Local administrator

C.

Service

D.

Network administrator

Buy Now
Exam Code: PT0-002
Exam Name: CompTIA PenTest+ Certification Exam
Last Update: Apr 2, 2025
Questions: 464
PT0-002 pdf

PT0-002 PDF

$25.5  $84.99
PT0-002 Engine

PT0-002 Testing Engine

$28.5  $94.99
PT0-002 PDF + Engine

PT0-002 PDF + Testing Engine

$40.5  $134.99