Amazon
Avaya
Checkpoint
Cisco®
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL®
Juniper
Microsoft
MuleSoft
Okta
Oracle
Palo Alto Networks
Salesforce
All Vendors
  1. Home
  2. CompTIA
  3. PT0-002

CompTIA PT0-002 Exam (page: 9)
CompTIA PenTest+ Certification
Updated on: 31-Aug-2025

Viewing Page 9 of 105
PT0-002 PDF 520 Questions

A penetration tester has been given an assignment to attack a series of targets in the 192.168.1.0/24 range, triggering as few alarms and countermeasures as possible.
Which of the following Nmap scan syntaxes would BEST accomplish this objective?

  1. nmap -sT -vvv -O 192.168.1.2/24 -PO
  2. nmap -sV 192.168.1.2/24 -PO
  3. nmap -sA -v -O 192.168.1.2/24
  4. nmap -sS -O 192.168.1.2/24 -T1

Answer(s): D


Reference:

https://nmap.org/book/man-port-scanning-techniques.html



A penetration tester has gained access to a network device that has a previously unknown IP range on an interface. Further research determines this is an always-on VPN tunnel to a third-party supplier.
Which of the following is the BEST action for the penetration tester to take?

  1. Utilize the tunnel as a means of pivoting to other internal devices.
  2. Disregard the IP range, as it is out of scope.
  3. Stop the assessment and inform the emergency contact.
  4. Scan the IP range for additional systems to exploit.

Answer(s): C



A penetration tester recently performed a social-engineering attack in which the tester found an employee of the target company at a local coffee shop and over time built a relationship with the employee. On the employee's birthday, the tester gave the employee an external hard drive as a gift.
Which of the following social-engineering attacks was the tester utilizing?

  1. Phishing
  2. Tailgating
  3. Baiting
  4. Shoulder surfing

Answer(s): C


Reference:

https://phoenixnap.com/blog/what-is-social-engineering-types-of-threats



A security company has been contracted to perform a scoped insider-threat assessment to try to gain access to the human resources server that houses PII and salary data. The penetration testers have been given an internal network starting position.
Which of the following actions, if performed, would be ethical within the scope of the assessment?

  1. Exploiting a configuration weakness in the SQL database
  2. Intercepting outbound TLS traffic
  3. Gaining access to hosts by injecting malware into the enterprise-wide update server
  4. Leveraging a vulnerability on the internal CA to issue fraudulent client certificates
  5. Establishing and maintaining persistence on the domain controller

Answer(s): A



A penetration tester is able to capture the NTLM challenge-response traffic between a client and a server.
Which of the following can be done with the pcap to gain access to the server?

  1. Perform vertical privilege escalation.
  2. Replay the captured traffic to the server to recreate the session.
  3. Use John the Ripper to crack the password.
  4. Utilize a pass-the-hash attack.

Answer(s): D



Viewing Page 9 of 105



Share your comments for CompTIA PT0-002 exam with other users:

SAJI 7/20/2023 2:51:00 AM

56 question correct answer a,b
Anonymous


Summer 10/4/2023 9:57:00 PM

looking forward to the real exam
Anonymous