Amazon
Avaya
Checkpoint
Cisco®
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL®
Juniper
Microsoft
MuleSoft
Okta
Oracle
Palo Alto Networks
Salesforce
All Vendors
  1. Home
  2. CompTIA
  3. PT0-002

CompTIA PT0-002 Exam (page: 1)
CompTIA PenTest+ Certification
Updated on: 25-Aug-2025

Viewing Page 1 of 105
PT0-002 PDF 520 Questions

Which of the following commands will allow a penetration tester to permit a shell script to be executed by the file owner?

  1. chmod u+x script.sh
  2. chmod u+e script.sh
  3. chmod o+e script.sh
  4. chmod o+x script.sh

Answer(s): A


Reference:

https://newbedev.com/chmod-u-x-versus-chmod-x



A penetration tester gains access to a system and establishes persistence, and then run the following commands:
Which of the following actions is the tester MOST likely performing?

  1. Redirecting Bash history to /dev/null
  2. Making a copy of the user's Bash history to further enumeration
  3. Covering tracks by clearing the Bash history
  4. Making decoy files on the system to confuse incident responders

Answer(s): C


Reference:

https://null-byte.wonderhowto.com/how-to/clear-logs-bash-history-hacked-linux-systems-cover- your-tracks-remain-undetected-0244768/



A compliance-based penetration test is primarily concerned with:

  1. obtaining PII from the protected network.
  2. bypassing protection on edge devices.
  3. determining the efficacy of a specific set of security standards.
  4. obtaining specific information from the protected network.

Answer(s): C



A penetration tester is explaining the MITRE ATT&CK framework to a company's chief legal counsel.
Which of the following would the tester MOST likely describe as a benefit of the framework?

  1. Understanding the tactics of a security intrusion can help disrupt them.
  2. Scripts that are part of the framework can be imported directly into SIEM tools.
  3. The methodology can be used to estimate the cost of an incident better.
  4. The framework is static and ensures stability of a security program over time.

Answer(s): A


Reference:

https://attack.mitre.org/



Which of the following BEST describe the OWASP Top 10? (Choose two.)

  1. The most critical risks of web applications
  2. A list of all the risks of web applications
  3. The risks defined in order of importance
  4. A web-application security standard
  5. A risk-governance and compliance framework
  6. A checklist of Apache vulnerabilities

Answer(s): A,C


Reference:

https://www.synopsys.com/glossary/what-is-owasp-top-10.html



Viewing Page 1 of 105



Share your comments for CompTIA PT0-002 exam with other users:

SAJI 7/20/2023 2:51:00 AM

56 question correct answer a,b
Anonymous


Summer 10/4/2023 9:57:00 PM

looking forward to the real exam
Anonymous