Amazon
Avaya
Checkpoint
Cisco®
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL®
Juniper
Microsoft
MuleSoft
Okta
Oracle
Palo Alto Networks
Salesforce
All Vendors
  1. Home
  2. CompTIA
  3. PT0-002

CompTIA PT0-002 Exam (page: 20)
CompTIA PenTest+ Certification
Updated on: 01-Sep-2025

Viewing Page 20 of 105
PT0-002 PDF 520 Questions

A final penetration test report has been submitted to the board for review and accepted. The report has three findings rated high. Which of the following should be the NEXT step?

  1. Perform a new penetration test.
  2. Remediate the findings.
  3. Provide the list of common vulnerabilities and exposures.
  4. Broaden the scope of the penetration test.

Answer(s): B



Which of the following situations would require a penetration tester to notify the emergency contact for the engagement?

  1. The team exploits a critical server within the organization.
  2. The team exfiltrates PII or credit card data from the organization.
  3. The team loses access to the network remotely.
  4. The team discovers another actor on a system on the network.

Answer(s): D



During an engagement, a penetration tester found the following list of strings inside a file:
Which of the following is the BEST technique to determine the known plaintext of the strings?

  1. Dictionary attack
  2. Rainbow table attack
  3. Brute-force attack
  4. Credential-stuffing attack

Answer(s): B


Reference:

https://www.sciencedirect.com/topics/computer-science/plaintext-attack



A penetration tester ran a simple Python-based scanner. The following is a snippet of the code:
Which of the following BEST describes why this script triggered a `probable port scan` alert in the organization's IDS?

  1. sock.settimeout(20) on line 7 caused each next socket to be created every 20 milliseconds.
  2. *range(1, 1025) on line 1 populated the portList list in numerical order.
  3. Line 6 uses socket.SOCK_STREAM instead of socket.SOCK_DGRAM
  4. The remoteSvr variable has neither been type-hinted nor initialized.

Answer(s): B



A penetration tester is conducting an authorized, physical penetration test to attempt to enter a client's building during non-business hours. Which of the following are MOST important for the penetration tester to have during the test? (Choose two.)

  1. A handheld RF spectrum analyzer
  2. A mask and personal protective equipment
  3. Caution tape for marking off insecure areas
  4. A dedicated point of contact at the client
  5. The paperwork documenting the engagement
  6. Knowledge of the building's normal business hours

Answer(s): D,E



Viewing Page 20 of 105



Share your comments for CompTIA PT0-002 exam with other users:

SAJI 7/20/2023 2:51:00 AM

56 question correct answer a,b
Anonymous


Summer 10/4/2023 9:57:00 PM

looking forward to the real exam
Anonymous