Special Summer Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

PT0-002 Exam Dumps - CompTIA PenTest+ Questions and Answers

Question # 64

Which of the following is the BEST resource for obtaining payloads against specific network infrastructure products?

Options:

A.

Exploit-DB

B.

Metasploit

C.

Shodan

D.

Retina

Buy Now
Question # 65

ion tester is attempting to get more people from a target company to download and run an executable. Which of the following would be the.. :tive way for the tester to achieve this objective?

Options:

A.

Dropping USB flash drives around the company campus with the file on it

B.

Attaching the file in a phishing SMS that warns users to execute the file or they will be locked out of their accounts

C.

Sending a pretext email from the IT department before sending the download instructions later

D.

Saving the file in a common folder with a name that encourages people to click it

Buy Now
Question # 66

A penetration tester needs to perform a vulnerability scan against a web server. Which of the following tools is the tester MOST likely to choose?

Options:

A.

Nmap

B.

Nikto

C.

Cain and Abel

D.

Ethercap

Buy Now
Question # 67

A penetration tester utilized Nmap to scan host 64.13.134.52 and received the following results:

Based on the output, which of the following services are MOST likely to be exploited? (Choose two.)

Options:

A.

Telnet

B.

HTTP

C.

SMTP

D.

DNS

E.

NTP

F.

SNMP

Buy Now
Question # 68

Which of the following provides an exploitation suite with payload modules that cover the broadest range of target system types?

Options:

A.

Nessus

B.

Metasploit

C.

Burp Suite

D.

Ethercap

Buy Now
Question # 69

A penetration tester opened a reverse shell on a Linux web server and successfully escalated privileges to root. During the engagement, the tester noticed that another user logged in frequently as root to perform work tasks. To avoid disrupting this user’s work, which of the following is the BEST option for the penetration tester to maintain root-level persistence on this server during the test?

Options:

A.

Add a web shell to the root of the website.

B.

Upgrade the reverse shell to a true TTY terminal.

C.

Add a new user with ID 0 to the /etc/passwd file.

D.

Change the password of the root user and revert after the test.

Buy Now
Question # 70

The provision that defines the level of responsibility between the penetration tester and the client for preventing unauthorized disclosure is found in the:

Options:

A.

NDA

B.

SLA

C.

MSA

D.

SOW

Buy Now
Question # 71

A penetration tester found several critical SQL injection vulnerabilities during an assessment of a client's system. The tester would like to suggest mitigation to the client as soon as possible.

Which of the following remediation techniques would be the BEST to recommend? (Choose two.)

Options:

A.

Closing open services

B.

Encryption users' passwords

C.

Randomizing users' credentials

D.

Users' input validation

E.

Parameterized queries

F.

Output encoding

Buy Now
Question # 72

A client evaluating a penetration testing company requests examples of its work. Which of the following represents the BEST course of action for the penetration testers?

Options:

A.

Redact identifying information and provide a previous customer's documentation.

B.

Allow the client to only view the information while in secure spaces.

C.

Determine which reports are no longer under a period of confidentiality.

D.

Provide raw output from penetration testing tools.

Buy Now
Question # 73

During a web application test, a penetration tester was able to navigate to https://company.com and view all links on the web page. After manually reviewing the pages, the tester used a web scanner to automate the search for vulnerabilities. When returning to the web application, the following message appeared in the browser: unauthorized to view this page. Which of the following BEST explains what occurred?

Options:

A.

The SSL certificates were invalid.

B.

The tester IP was blocked.

C.

The scanner crashed the system.

D.

The web page was not found.

Buy Now
Exam Code: PT0-002
Exam Name: CompTIA PenTest+ Certification Exam
Last Update: Mar 31, 2025
Questions: 464
PT0-002 pdf

PT0-002 PDF

$25.5  $84.99
PT0-002 Engine

PT0-002 Testing Engine

$28.5  $94.99
PT0-002 PDF + Engine

PT0-002 PDF + Testing Engine

$40.5  $134.99