100% Updated CompTIA PT0-002 Enterprise PDF Dumps
Use Valid Exam PT0-002 by TrainingDumps Books For Free Website
NEW QUESTION 63
A penetration tester finds a PHP script used by a web application in an unprotected internal source code repository. After reviewing the code, the tester identifies the following:
Which of the following tools will help the tester prepare an attack for this scenario?
- A. Hydra and crunch
- B. Burp Suite and DIRB
- C. Netcat and cURL
- D. Nmap and OWASP ZAP
Answer: A
NEW QUESTION 64
Which of the following should a penetration tester do NEXT after identifying that an application being tested has already been compromised with malware?
- A. Stop the assessment and inform the emergency contact.
- B. Collect the proper evidence and then remove the malware.
- C. Do a root-cause analysis to find out how the malware got in.
- D. Analyze the malware to see what it does.
- E. Remove the malware immediately.
Answer: E
NEW QUESTION 65
Which of the following would MOST likely be included in the final report of a static application-security test that was written with a team of application developers as the intended audience?
- A. Executive summary of the penetration-testing methods used
- B. Bill of materials including supplies, subcontracts, and costs incurred during assessment
- C. Quantitative impact assessments given a successful software compromise
- D. Code context for instances of unsafe type-casting operations
Answer: C
NEW QUESTION 66
A penetration tester has established an on-path attack position and must now specially craft a DNS query response to be sent back to a target host. Which of the following utilities would BEST support this objective?
- A. tcpdump
- B. dig
- C. Socat
- D. Scapy
Answer: C
NEW QUESTION 67
A penetration tester has identified several newly released CVEs on a VoIP call manager. The scanning tool the tester used determined the possible presence of the CVEs based off the version number of the service. Which of the following methods would BEST support validation of the possible findings?
- A. Test with proof-of-concept code from an exploit database
- B. Manually check the version number of the VoIP service against the CVE release
- C. Utilize an nmap -sV scan against the service
- D. Review SIP traffic from an on-path position to look for indicators of compromise
Answer: C
NEW QUESTION 68
A client has requested that the penetration test scan include the following UDP services: SNMP, NetBIOS, and DNS. Which of the following Nmap commands will perform the scan?
- A. nmap -vv -sUV -p 53,137-139,161-162 10.10.1.20/24 -oA udpscan
- B. nmap -vv -sUV -p 53,123,161-162 10.10.1.20/24 -oA udpscan
- C. nmap -vv -sUV -p 53, 122-123, 160-161 10.10.1.20/24 -oA udpscan
- D. nmap -vv -sUV -p 53, 123-159 10.10.1.20/24 -oA udpscan
Answer: B
NEW QUESTION 69
A penetration tester who is performing a physical assessment of a company's security practices notices the company does not have any shredders inside the office building. Which of the following techniques would be BEST to use to gain confidential information?
- A. Tailgating
- B. Badge cloning
- C. Dumpster diving
- D. Shoulder surfing
Answer: C
NEW QUESTION 70
A penetration tester conducted a vulnerability scan against a client's critical servers and found the following:
Which of the following would be a recommendation for remediation?
- A. Implement a patch management plan
- B. Utilize the secure software development life cycle
- C. Deploy a user training program
- D. Configure access controls on each of the servers
Answer: A
NEW QUESTION 71
A new security firm is onboarding its first client. The client only allowed testing over the weekend and needed the results Monday morning. However, the assessment team was not able to access the environment as expected until Monday. Which of the following should the security company have acquired BEFORE the start of the assessment?
- A. A signed statement of work
- B. The proper emergency contacts for the client
- C. The correct user accounts and associated passwords
- D. The expected time frame of the assessment
Answer: D
NEW QUESTION 72
A penetration tester wrote the following script to be used in one engagement:
Which of the following actions will this script perform?
- A. Create an encrypted tunnel.
- B. Listen for a reverse shell.
- C. Look for open ports.
- D. Attempt to flood open ports.
Answer: C
NEW QUESTION 73
A penetration tester recently performed a social-engineering attack in which the tester found an employee of the target company at a local coffee shop and over time built a relationship with the employee. On the employee's birthday, the tester gave the employee an external hard drive as a gift. Which of the following social-engineering attacks was the tester utilizing?
- A. Tailgating
- B. Baiting
- C. Phishing
- D. Shoulder surfing
Answer: B
NEW QUESTION 74
A penetration tester performs the following command:
curl -I --http2 https://www.comptia.org
Which of the following snippets of output will the tester MOST likely receive?
- A. Option D
- B. Option B
- C. Option A
- D. Option C
Answer: C
NEW QUESTION 75
A penetration tester has completed an analysis of the various software products produced by the company under assessment. The tester found that over the past several years the company has been including vulnerable third-party modules in multiple products, even though the quality of the organic code being developed is very good. Which of the following recommendations should the penetration tester include in the report?
- A. Add a dependency checker into the tool chain.
- B. Perform routine static and dynamic analysis of committed code.
- C. Validate API security settings before deployment.
- D. Perform fuzz testing of compiled binaries.
Answer: D
NEW QUESTION 76
A penetration tester was able to gain access successfully to a Windows workstation on a mobile client's laptop. Which of the following can be used to ensure the tester is able to maintain access to the system?
- A. sudo useradd -ou 0 -g 0 user
- B. schtasks /create /sc /ONSTART /tr C:\Temp\WindowsUpdate.exe
- C. crontab -l; echo "@reboot sleep 200 && ncat -lvp 4242 -e /bin/bash") | crontab 2>/dev/null
- D. wmic startup get caption,command
Answer: D
NEW QUESTION 77
Which of the following documents describes specific activities, deliverables, and schedules for a penetration tester?
- A. SOW
- B. NDA
- C. MOU
- D. MSA
Answer: A
NEW QUESTION 78
A penetration tester is testing a web application that is hosted by a public cloud provider. The tester is able to query the provider's metadata and get the credentials used by the instance to authenticate itself. Which of the following vulnerabilities has the tester exploited?
- A. Local file inclusion
- B. Cross-site request forgery
- C. Remote file inclusion
- D. Server-side request forgery
Answer: D
NEW QUESTION 79
Running a vulnerability scanner on a hybrid network segment that includes general IT servers and industrial control systems:
- A. will create a denial-of-service condition on the IP networks.
- B. will reveal vulnerabilities in the Modbus protocol.
- C. may cause unintended failures in control systems.
- D. may reduce the true positive rate of findings.
Answer: C
NEW QUESTION 80
A penetration tester obtained the following results after scanning a web server using the dirb utility:
...
GENERATED WORDS: 4612
---- Scanning URL: http://10.2.10.13/ ----
+ http://10.2.10.13/about (CODE:200|SIZE:1520)
+ http://10.2.10.13/home.html (CODE:200|SIZE:214)
+ http://10.2.10.13/index.html (CODE:200|SIZE:214)
+ http://10.2.10.13/info (CODE:200|SIZE:214)
...
DOWNLOADED: 4612 - FOUND: 4
Which of the following elements is MOST likely to contain useful information for the penetration tester?
- A. info
- B. about
- C. index.html
- D. home.html
Answer: B
NEW QUESTION 81
A penetration tester recently completed a review of the security of a core network device within a corporate environment. The key findings are as follows:
* The following request was intercepted going to the network device:
GET /login HTTP/1.1
Host: 10.50.100.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0
Accept-Language: en-US,en;q=0.5
Connection: keep-alive
Authorization: Basic WU9VUilOQU1FOnNlY3JldHBhc3N3b3jk
* Network management interfaces are available on the production network.
* An Nmap scan returned the following:
Which of the following would be BEST to add to the recommendations section of the final report? (Choose two.)
- A. Create an out-of-band network for management.
- B. Disable HTTP/301 redirect configuration.
- C. Enforce enhanced password complexity requirements.
- D. Implement a better method for authentication.
- E. Disable or upgrade SSH daemon.
- F. Eliminate network management and control interfaces.
Answer: B,D
NEW QUESTION 82
A security professional wants to test an IoT device by sending an invalid packet to a proprietary service listening on TCP port 3011. Which of the following would allow the security professional to easily and programmatically manipulate the TCP header length and checksum using arbitrary numbers and to observe how the proprietary service responds?
- A. tcpdump
- B. hping3
- C. Nmap
- D. Scapy
Answer: C
NEW QUESTION 83
A penetration tester has been hired to configure and conduct authenticated scans of all the servers on a software company's network. Which of the following accounts should the tester use to return the MOST results?
- A. Network administrator
- B. Local administrator
- C. Root user
- D. Service
Answer: D
NEW QUESTION 84
You are a penetration tester running port scans on a server.
INSTRUCTIONS
Part 1: Given the output, construct the command that was used to generate this output from the available options.
Part 2: Once the command is appropriately constructed, use the given output to identify the potential attack vectors that should be investigated further.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Answer:
Explanation:
Part 1 - nmap 192.168.2.2 -sV -O
Part 2 - Weak SMB file permissions
NEW QUESTION 85
User credentials were captured from a database during an assessment and cracked using rainbow tables. Based on the ease of compromise, which of the following algorithms was MOST likely used to store the passwords in the database?
- A. SHA-1
- B. PBKDF2
- C. bcrypt
- D. MD5
Answer: D

