
PT0-002 Practice Exam Questions and Answers

CompTIA PenTest+ Certification Exam

Last Update 4 days ago
Total Questions : 415

The CompTIA PenTest+ Certification Exam is now stable, with all the latest exam questions added 4 days ago. Incorporating PT0-002 practice exam questions into your study plan is more than just a preparation strategy.

PT0-002 exam questions often include scenarios and problem-solving exercises that mirror real-world challenges. Working through PT0-002 dumps allows you to practice pacing yourself, ensuring that you can complete the whole CompTIA PenTest+ Certification Exam practice test within the allotted time frame.

Question # 1

During an assessment, a penetration tester obtains a list of 30 email addresses by crawling the target company's website and then creates a list of possible usernames based on the email address format. Which of the following types of attacks would MOST likely be used to avoid account lockout?

Options:

A. Mask

B. Rainbow

C. Dictionary

D. Password spraying

Question # 2

A penetration tester runs the following command:

l.comptia.local axfr comptia.local

Which of the following types of information would be provided?

Options:

A. The DNSSEC certificate and CA

B. The DHCP scopes and ranges used on the network

C. The hostnames and IP addresses of internal systems

D. The OS and version of the DNS server

Question # 3

A penetration tester has extracted password hashes from the lsass.exe memory process. Which of the following should the tester perform NEXT to pass the hash and provide persistence with the newly acquired credentials?

Options:

A. Use Patator to pass the hash and Responder for persistence.

B. Use Hashcat to pass the hash and Empire for persistence.

C. Use a bind shell to pass the hash and WMI for persistence.

D. Use Mimikatz to pass the hash and PsExec for persistence.

Question # 4

Which of the following situations would require a penetration tester to notify the emergency contact for the engagement?

Options:

A. The team exploits a critical server within the organization.

B. The team exfiltrates PII or credit card data from the organization.

C. The team loses access to the network remotely.

D. The team discovers another actor on a system on the network.

Question # 5

During the assessment of a client's cloud and on-premises environments, a penetration tester was able to gain ownership of a storage object within the cloud environment using the provided on-premises credentials. Which of the following best describes why the tester was able to gain access?

Options:

A. Federation misconfiguration of the container

B. Key mismanagement between the environments

C. IaaS failure at the provider

D. Container listed in the public domain

Question # 6

A penetration tester is required to perform a vulnerability scan that reduces the likelihood of false positives and increases the true positives of the results. Which of the following would MOST likely accomplish this goal?

Options:

A. Using OpenVAS in default mode

B. Using Nessus with credentials

C. Using Nmap as the root user

D. Using OWASP ZAP

Question # 7

During a penetration test, a tester is able to change values in the URL from example.com/login.php?id=5 to example.com/login.php?id=10 and gain access to a web application. Which of the following vulnerabilities has the penetration tester exploited?

Options:

A. Command injection

B. Broken authentication

C. Direct object reference

D. Cross-site scripting

Question # 8

A security firm is discussing the results of a penetration test with the client. Based on the findings, the client wants to focus the remaining time on a critical network segment. Which of the following BEST describes the action taking place?

Options:

A. Maximizing the likelihood of finding vulnerabilities

B. Reprioritizing the goals/objectives

C. Eliminating the potential for false positives

D. Reducing the risk to the client environment

Question # 9

SIMULATION

Using the output, identify potential attack vectors that should be further investigated.

Question # 10

The following output is from reconnaissance on a public-facing banking website:


Based on these results, which of the following attacks is MOST likely to succeed?

Options:

A. A birthday attack on 64-bit ciphers (Sweet32)

B. An attack that breaks RC4 encryption

C. An attack on a session ticket extension (Ticketbleed)

D. A Heartbleed attack
