Practice Exams:

Free PT0-002 Exam Braindumps

Pass your CompTIA PenTest+ Certification Exam exam with these free Questions and Answers

Page 6 of 56
PDF with 278 Questions
QUESTION 21

A penetration tester received a .pcap file to look for credentials to use in an engagement. Which of the following tools should the tester utilize to open and read the .pcap file?

  1. A. Nmap
  2. B. Wireshark
  3. C. Metasploit
  4. D. Netcat

Correct Answer: B

QUESTION 22

An assessor wants to use Nmap to help map out a stateful firewall rule set. Which of the following scans will the assessor MOST likely run?

  1. A. nmap 192.168.0.1/24
  2. B. nmap 192.168.0.1/24
  3. C. nmap oG 192.168.0.1/24
  4. D. nmap 192.168.0.1/24

Correct Answer: A

QUESTION 23

A new client hired a penetration-testing company for a month-long contract for various security assessments against the client’s new service. The client is expecting to make the new service publicly available shortly after the assessment is complete and is planning to fix any findings, except for critical issues, after the service is made public. The client wants a simple report structure and does not want to receive daily findings.
Which of the following is most important for the penetration tester to define FIRST?

  1. A. Establish the format required by the client.
  2. B. Establish the threshold of risk to escalate to the client immediately.
  3. C. Establish the method of potential false positives.
  4. D. Establish the preferred day of the week for reporting.

Correct Answer: B

QUESTION 24

A penetration tester is starting an assessment but only has publicly available information about the target company. The client is aware of this exercise and is preparing for the test.
Which of the following describes the scope of the assessment?

  1. A. Partially known environment testing
  2. B. Known environment testing
  3. C. Unknown environment testing
  4. D. Physical environment testing

Correct Answer: C

QUESTION 25

A penetration tester has gained access to a network device that has a previously unknown IP range on an interface. Further research determines this is an always-on VPN tunnel to a third-party supplier.
Which of the following is the BEST action for the penetration tester to take?

  1. A. Utilize the tunnel as a means of pivoting to other internal devices.
  2. B. Disregard the IP range, as it is out of scope.
  3. C. Stop the assessment and inform the emergency contact.
  4. D. Scan the IP range for additional systems to exploit.

Correct Answer: D

Page 6 of 56
PDF with 278 Questions

Post your Comments and Discuss CompTIA PT0-002 exam with other Community members: