PT0-002 Exam Questions
593 real PT0-002 exam questions with expert-verified answers and explanations. Page 12 of 12.
- Question #581: Planning and Scoping
A penetration tester is planning a phishing campaign for a client that targets all full-time employees. The client requested that the assessment team go easy on the employees becau...
Phishing campaign, Pretexting, Social engineering, Client requirements
- Question #582: Planning and Scoping
Which of the following is the most important consideration when performing a penetration test on a SCADA system?
SCADA security, Industrial Control Systems (ICS), Penetration testing considerations, System fragility
- Question #583: Attacks and Exploits
A hacker wants to exploit a vulnerability in a Bluetooth-enabled device by secretly pairing with it and gaining unauthorized access. Which of the following attack methods would be...
Bluetooth attacks, Spoofing, Wireless security, Unauthorized access
- Question #584: Post-exploitation and lateral movement
A penetration tester would like to use a system that places a redirector between the attacker system and the target system. Which of the following should the penetration tester use...
C2 Frameworks, Redirectors, Post-exploitation, Penetration Testing Tools
- Question #585: Reconnaissance and enumeration
A penetration tester is conducting a penetration test for a client that has many industrial devices. Which of the following would be the best tool for the tester to use?
Shodan, Reconnaissance tools, ICS/OT security, Internet-connected devices
- Question #586: Post-exploitation and lateral movement
A penetration tester managed to access an internal Windows workstation for a target company. The tester used Mimikatz during the post exploitation of this compromised host. Which o...
Mimikatz, Post-exploitation, Lateral movement, Credential harvesting
- Question #587: Reconnaissance and enumeration
A penetration tester scans a website and obtains the following output: Which of the following would be the best next step for the penetration tester?
Web Application Testing, Reconnaissance, Information Gathering, Website Enumeration
- Question #588: Planning and Scoping
An organization is required to undergo a penetration test to assess the segmentation of its network. Which of the following standards or regulations requires this type of testing?
Penetration Testing, Regulations, PCI DSS, Network Segmentation
- Question #589: Post-exploitation and lateral movement
While wrapping up a penetration engagement, a penetration tester remembered that the following changes were made to the root crontab: Which of the following would be best for the p...
Post-engagement cleanup, Backdoor removal, Crontab persistence, Ethical hacking principles
- Question #590: Planning and Scoping
Which of the following is the most important document for a penetration tester to verify is completed and signed before beginning any external or social engineering engagement?
Rules of Engagement, Legal authorization, Pre-engagement, Engagement documents
- Question #591: Engagement management
While scanning a network during a contracted assessment, a penetration tester realizes that patch management is outdated with a known critical vulnerability present on organization...
Penetration testing ethics, Client notification, Critical vulnerability handling, Professional conduct
- Question #592: Attacks and Exploits
A penetration tester discovered a new exploit and would like to create a Metasploit module. Which of the following programming languages would be best for the penetration tester to...
Metasploit, Exploit Development, Programming Languages
- Question #593: Information Gathering and Vulnerability Scanning
A penetration tester is performing Nmap scans while trying to remain undetected. The penetration tester runs the following command: Which of the following scans is the penetration...
Nmap, Stealth Scanning, Source IP Manipulation, Penetration Testing
- Question #594: Reporting and Communication
Which of the following can attest evidence findings in a penetration testing report?
Pentest reporting, Evidence collection, Vulnerability verification, Reporting standards
- Question #595: Post-exploitation and lateral movement
A penetration tester issued the following command at a command prompt: Which of the following is the best reason the penetration tester ran this command?
privilege escalation, MSI files, post-exploitation, Windows vulnerabilities
- Question #596: Reconnaissance and enumeration
A customer's detection team was not informed about an external penetration test engagement, so the team is actively monitoring the external surface during testing. One of the objec...
Stealth Scanning, Network Scanning, Nmap, Target Identification
- Question #597: Attacks and Exploits
A penetration tester is testing a wireless network after business hours. The tester identifies WPA2-PSK as the protocol running in the wireless environment. After several deauthent...
Wireless security, WPA2-PSK, Deauthentication attack, Handshake capture
- Question #598: Vulnerability discovery and analysis
An organization has released a product that programmatically provides security intelligence to other applications from an endpoint. Which of the following should a consultant test?
API security testing, Application security, Programmatic interface, Vulnerability assessment
- Question #599: Attacks and Exploits
An attacker chooses a busy location that has free Wi-Fi with the goal of stealing credit card information. Which of the following actions should the attacker do next to perform an...
Evil Twin Attack, Wireless Attacks, Access Point
- Question #600: Tools and Code Analysis
A penetration tester is conducting an assessment of an API. Which of the following would most likely assist with this specific request?
API testing, Postman, Penetration testing tools
- Question #601: Attacks and Exploits
A penetration tester ran the following command: The penetration tester successfully delivered this payload by email, and a few company users have executed it. However, reverse shel...
Reverse Shells, Metasploit, Firewall Rules, Network Troubleshooting
- Question #602: Tools and Code Analysis
Which of the following debuggers would only support an x86 architecture?
Debuggers, Exploit Development Tools, Reverse Engineering Tools, x86 Architecture
- Question #603: Tools and Code Analysis
A penetration tester is attempting to download the results from an automated vulnerability scan. However, the script does not appear to work. Given the following: Which of the foll...
Python scripting, HTTP requests, Library imports, Scripting errors
- Question #604: Tools and Code Analysis
A security tester is reverse engineering a desktop application. Which of the following specialized tools would be best to use?
Reverse Engineering, Dynamic Analysis, Frida, Application Security
- Question #605: Planning and Scoping
A customer hires a penetration tester to perform a penetration test on a web application. The customer wants the tester to test every major attack vector that could allow an attack...
Web application penetration testing, Penetration testing methodology, OWASP, Frameworks
- Question #606: Reporting and Communication
Which of the following are the main audiences for the reproduction steps within a penetration test report? (Choose two.)
Penetration test reports, Report audience, Reproduction steps, Technical reporting
- Question #607: Planning and Scoping
A penetration tester was hired to test a web application. The penetration tester's Nmap scan is only targeting ports 80 and 443 even though other ports on the server are open. Whic...
Penetration testing scope, Nmap scanning, Web application testing, Engagement rules
- Question #608: Information Gathering and Vulnerability Scanning
As part of the scanning phase of one assessment, the tester runs the following Nmap command: The output from that command was too long for the tester to review. Which of the follow...
Nmap, Scanning, Output Formats, Command Line
- Question #609: Post-exploitation and lateral movement
A penetration tester uses Metasploit Framework and obtains a reverse shell session: Which of the following commands should the penetration tester run at Metasploit to promote this...
Metasploit, Meterpreter, Shell upgrade, Post-exploitation
- Question #610: Tools and Code Analysis
During a penetration test, a security consultant needs to parse the contents of a CSV file. Which of the following Python code snippets would help the consultant accomplish this ta...
Python, CSV parsing, Data processing, Scripting
- Question #611: Attacks and Exploits
Based on the information in a report from a web application scanner, a website is susceptible to clickjacking. Which of the following techniques would be best to use to prove this...
Clickjacking, Web application exploits, Proof of concept, Vulnerability validation
- Question #612: Attacks and Exploits
During a security assessment of a web application, a penetration tester discovers a vulnerability that allows users to pass a URL to the web application and retrieve information fr...
Web Application Security, Server-Side Request Forgery (SSRF), Input Validation, Network Segmentation
- Question #613: Attacks and Exploits
A penetration tester is receiving an HTTP code 403 when using Postman to test an API directly. However, the penetration tester can normally interact with the web application when u...
HTTP status codes, Session management, API testing, Web proxies
- Question #614: Tools and Code Analysis
A penetration tester is writing a web scraper to process a list of more than 100.000 URLs: Which of the following script snippets should the tester use for the best performance?
Web scraping, Scripting, Performance optimization, Concurrency
- Question #615: Attacks and Exploits
A penetration tester discovers a page on a company's website that has an XSS vulnerability and uses the following code to exploit it: The tester examines the logs on attacker.com a...
XSS, HttpOnly, Cookie Security, Session Hijacking Prevention
- Question #617: Reconnaissance and enumeration
An assessor notes the following TCP ports discovered after an Nmap scan: 21, 23, 25, 80, 110, 139, 443, 445, 3389 Which of the following OSs is the target most likely using?
Port Scanning, OS Fingerprinting, Service Enumeration, Windows Services
- Question #618: Information Gathering and Vulnerability Scanning
A team's assessment showed that multiple AWS accounts had the same password. Which of the following is the best tool to use for auditing the IAM AWS space?
AWS Security, IAM Auditing, Cloud Security Tools, Misconfiguration Detection
- Question #619: Vulnerability discovery and analysis
A penetration tester conducted a reconnaissance exercise to gather information about a target organization. The tester discovered the following: 1. The organization's external-faci...
Risk analysis, Shadow IT, Data exfiltration, Reconnaissance findings
- Question #620: Reconnaissance and enumeration
During the reconnaissance phase, a penetration tester is searching for OSINT sources to find information about a target client organization. Which of the following is the best sour...
OSINT, Reconnaissance, Information Gathering
- Question #621: Planning and Scoping
A penetration tester is performing an assessment for a company whose e-commerce solution is deployed 100% in a cloud infrastructure and is maintained by a team of globally distribu...
Penetration testing scope, Cloud security assessment, Engagement planning, Infrastructure focus
- Question #622: Vulnerability discovery and analysis
A penetration tester scans a web application and finds a CMS. Which of the following is the best tool for the tester to use to search for vulnerabilities for this service?
Vulnerability search, Penetration testing tools, Web application security, CMS vulnerabilities
- Question #623: Reporting and Communication
Which of the following penetration test report sections would most likely contain the full results of a vulnerability scan on target servers?
Penetration test reports, Report structure, Vulnerability scan results
- Question #624: Post-exploitation and lateral movement
A penetration tester obtains a reverse shell on a server and attempts to download tools for further exploitation. The penetration tester runs a script and obtains the following out...
Post-exploitation, Incident Response, System Hardening, Tool Deployment