CompTIA PT0-002 Exam (page: 10)
CompTIA PenTest+ Certification
Updated on: 01-Sep-2025

Viewing Page 10 of 105

Which of the following documents describes specific activities, deliverables, and schedules for a penetration tester?

  A. NDA
  B. MSA
  C. SOW
  D. MOU

Answer(s): C



A penetration tester is exploring a client's website. The tester performs a curl command and obtains the following:
Which of the following tools would be BEST for the penetration tester to use to explore this site further?

  A. Burp Suite
  B. DirBuster
  C. WPScan
  D. OWASP ZAP

Answer(s): C



DRAG DROP
During a penetration test, you gain access to a system with a limited user interface. This machine appears to have access to an isolated network that you would like to port scan.
INSTRUCTIONS
Analyze the code segments to determine which sections are needed to complete a port scanning script.
Drag the appropriate elements into the correct locations to complete the script.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
Select and Place:

  A. See Explanation section for answer.

Answer(s): A

Explanation:



In an unprotected network file repository, a penetration tester discovers a text file containing usernames and passwords in cleartext and a spreadsheet containing data for 50 employees, including full names, roles, and serial numbers. The tester realizes some of the passwords in the text file follow the format: <name-serial_number>.
Which of the following would be the best action for the tester to take NEXT with this information?

  A. Create a custom password dictionary as preparation for password spray testing.
  B. Recommend using a password manager/vault instead of text files to store passwords securely.
  C. Recommend configuring password complexity rules in all the systems and applications.
  D. Document the unprotected file repository as a finding in the penetration-testing report.

Answer(s): D



When developing a shell script intended for interpretation in Bash, the interpreter /bin/bash should be explicitly specified.
Which of the following character combinations should be used on the first line of the script to accomplish this goal?

  A. <#
  B. <$
  C. ##
  D. #$
  E. #!

Answer(s): E


Reference:

https://linuxconfig.org/bash-scripting-tutorial-for-beginners






Share your comments for CompTIA PT0-002 exam with other users:

SAJI 7/20/2023 2:51:00 AM

56 question correct answer a,b
Anonymous


Summer 10/4/2023 9:57:00 PM

looking forward to the real exam
Anonymous