PT0-002 Exam Questions
593 real PT0-002 exam questions with expert-verified answers and explanations. Page 4 of 12.
- Question #158 Reporting and Communication
Which of the following protocols or technologies would provide in-transit confidentiality protection for emailing the final security assessment report?
S/MIME, Email security, Confidentiality, Secure communication protocols
- Question #159 Attacks and Exploits
A penetration tester was able to gather MD5 hashes from a server and crack the hashes easily with rainbow tables. Which of the following should be included as a recommendation in t...
Hashing algorithms, Password security, Rainbow tables, Vulnerability remediation
- Question #160 Information Gathering and Vulnerability Scanning
A penetration tester found the following valid URL while doing a manual assessment of a web Which of the following automated tools would be best to use NEXT to try to identify a vu...
Web application scanning, Vulnerability scanning tools, Nikto, Automated tools
- Question #161 Reconnaissance and enumeration
A penetration tester is attempting to discover live hosts on a subnet quickly. Which of the following commands will perform a ping scan?
nmap, host discovery, ping scan, reconnaissance
- Question #162 Reconnaissance and enumeration
Which of the following tools would be MOST useful in collecting vendor and other security-relevant information for IoT devices to support passive reconnaissance?
IoT security, Passive reconnaissance, Information gathering tools, Shodan
- Question #163 Information Gathering and Vulnerability Scanning
A penetration tester downloaded a Java application file from a compromised web server and identifies how to invoke it by looking at the following log: Which of the following is the...
Packet capture, Network analysis, Encryption validation, Dynamic analysis
- Question #164 Planning and Scoping
When planning a penetration-testing effort, clearly expressing the rules surrounding the optimal time of day for test execution is important because:
Penetration Testing Planning, Engagement Scoping, Business Impact, Scheduling
- Question #165 Planning and Scoping
A company uses a cloud provider with shared network bandwidth to host a web application on dedicated servers. The company's contact with the cloud provider prevents any activities...
Cloud security, Penetration testing scope, DDoS testing, Shared infrastructure
- Question #166 Post-exploitation and lateral movement
A penetration tester is cleaning up and covering tracks at the conclusion of a penetration test. Which of the following should the tester be sure to remove from the system? (Choose...
Post-exploitation cleanup, Covering tracks, Penetration testing methodology, System remediation
- Question #167 Vulnerability discovery and analysis
A software company has hired a security consultant to assess the security of the company's software development practices. The consultant opts to begin reconnaissance by performing...
Fuzzing, Buffer Overflow, Vulnerability Discovery, Software Security
- Question #168 Attacks and Exploits
A penetration tester has prepared the following phishing email for an upcoming penetration test: Which of the following is the penetration tester using MOST to influence phishing t...
Phishing, Social Engineering, Influence Tactics, Penetration Testing
- Question #169 Attacks and Exploits
During a penetration test, a tester is able to change values in the URL from example.com/login.php?id=5 to example.com/login.php?id=10 and gain access to a web application. Which o...
Direct Object Reference, Broken Access Control, Web application security, Penetration testing
- Question #170 Vulnerability discovery and analysis
Which of the following situations would MOST likely warrant revalidation of a previous security assessment?
Security assessment lifecycle, Vulnerability remediation, Retesting, Remediation verification
- Question #171 Post-exploitation and lateral movement
A penetration tester gains access to a system and is able to migrate to a user process: Given the output above, which of the following actions is the penetration tester performing?...
Post-exploitation, Lateral Movement, Remote Execution, Network Shares
- Question #172 Post-exploitation and lateral movement
After gaining access to a previous system, a penetration tester runs an Nmap scan against a network with the following results: The tester then runs the following command from the...
PowerShell Remoting, Lateral Movement, IP Addressing, Network Troubleshooting
- Question #173 Information Gathering and Vulnerability Scanning
Which of the following assessment methods is MOST likely to cause harm to an ICS environment?
ICS Security, Vulnerability Scanning, Penetration Testing Risks, OT Security
- Question #174 Attacks and Exploits
During a penetration test, a tester is in close proximity to a corporate mobile device belonging to a network administrator that is broadcasting Bluetooth frames. Which of the foll...
Bluetooth attacks, Bluesnarfing, Mobile device security, Penetration testing techniques
- Question #175 Reporting and Communication
Which of the following would a company's hunt team be MOST interested in seeing in a final report?
Threat Hunting, Reporting, TTPs, Security Operations
- Question #176 Information Gathering and Vulnerability Scanning
A Chief Information Security Officer wants a penetration tester to evaluate whether a recently installed firewall is protecting a subnetwork on which many decades-old legacy syste...
Vulnerability Scanning, Legacy Systems, Scan Planning, Penetration Testing Methodology
- Question #177 Attacks and Exploits
Which of the following provides an exploitation suite with payload modules that cover the broadest range of target system types?
Metasploit, Exploitation frameworks, Payloads, Penetration testing tools
- Question #178 Information Gathering and Vulnerability Scanning
A penetration tester writes the following script: Which of the following is the tester performing?
Port scanning, Network reconnaissance, Information gathering
- Question #179 Post-exploitation and lateral movement
A CentOS computer was exploited during a penetration test. During initial reconnaissance, the penetration tester discovered that port 25 was open on an internal Sendmail server. To...
Netcat, Post-exploitation, Local Host Interaction, Stealth
- Question #180 Vulnerability discovery and analysis
A penetration tester utilized Nmap to scan host 64.13.134.52 and received the following results: Based on the output, which of the following services are MOST likely to be exploite...
Nmap, Vulnerability Scanning, Service Enumeration, Common Vulnerabilities
- Question #181 Information Gathering and Vulnerability Scanning
An assessor wants to run an Nmap scan as quietly as possible. Which of the following commands will give the LEAST chance of detection?
Nmap, Stealth Scanning, Timing Templates, Network Scanning
- Question #182 Engagement management
A final penetration test report has been submitted to the board for review and accepted. The report has three findings rated high. Which of the following should be the NEXT step?
Remediation, Post-penetration testing, Vulnerability management, PenTest lifecycle
- Question #183 Engagement management
Which of the following situations would require a penetration tester to notify the emergency contact for the engagement?
Emergency procedures, Rules of engagement, Incident reporting, Communication protocols
- Question #184 Attacks and Exploits
During an engagement, a penetration tester found the following list of strings inside a file: Which of the following is the BEST technique to determine the known plaintext of the s...
Password cracking, Rainbow table, Hashing, Cryptographic attacks
- Question #185 Information Gathering and Vulnerability Scanning
A penetration tester ran a simple Python-based scanner. The following is a snippet of the code: Which of the following BEST describes why this script triggered a `probable port sca...
Port Scanning, IDS Detection, Network Reconnaissance, Python Scripting
- Question #186 Engagement management
A penetration tester is conducting an authorized, physical penetration test to attempt to enter a client's building during non-business hours. Which of the following are MOST impor...
Physical penetration testing, Engagement documentation, Client communication, Authorization
- Question #187 Reconnaissance and enumeration
A penetration tester receives the following results from an Nmap scan: Which of the following OSs is the target MOST likely running?
Nmap, OS Fingerprinting, Active Reconnaissance, Enumeration
- Question #188 Tools and Code Analysis
A penetration tester downloaded the following Perl script that can be used to identify vulnerabilities in network switches. However, the script is not working properly. Which of th...
Perl Scripting, Script Debugging, Vulnerability Scanning, Penetration Testing Tools
- Question #189 Attacks and Exploits
A penetration tester finds a PHP script used by a web application in an unprotected internal source code repository. After reviewing the code, the tester identifies the following:...
Penetration Testing Tools, Web Exploitation, Command-line Utilities, PHP Script Exploitation
- Question #190 Post-exploitation and lateral movement
A penetration tester is conducting a penetration test. The tester obtains a root-level shell on a Linux server and discovers the following data in a file named password.txt in the...
Base64 encoding, Linux commands, Data decoding, Post-exploitation
- Question #191 Planning and Scoping
A company has recruited a penetration tester to conduct a vulnerability scan over the network. The test is confirmed to be on a known environment. Which of the following would be t...
Asset management, Pre-assessment, Scoping, Information gathering
- Question #192 Reconnaissance and enumeration
A security firm has been hired to perform an external penetration test against a company. The only information the firm received was the company name. Which of the following passiv...
Passive Reconnaissance, Open Source Intelligence (OSINT), External Penetration Testing, Supply Chain Analysis
- Question #193 Planning and Scoping
A security firm is discussing the results of a penetration test with the client. Based on the findings, the client wants to focus the remaining time on a critical network segment....
penetration test strategy, scope management, prioritization, client communication
- Question #194 Tools and Code Analysis
Which of the following tools would be BEST suited to perform a manual web application security assessment? (Choose two.)
Web application security, Penetration testing tools, Vulnerability assessment, OWASP ZAP, Burp Suite
- Question #195 Reconnaissance and enumeration
A penetration tester is evaluating a company's network perimeter. The tester has received limited information about defensive controls or countermeasures, and limited internal know...
Reconnaissance, Passive Reconnaissance, DNS Lookup, Penetration Testing Methodology
- Question #196 Vulnerability discovery and analysis
A penetration tester captured the following traffic during a web-application test: Which of the following methods should the tester use to visualize the authorization information b...
HTTP Basic Authentication, Base64 encoding, Traffic analysis, Web application security
- Question #197 Attacks and Exploits
A penetration tester was hired to perform a physical security assessment of an organization's office. After monitoring the environment for a few hours, the penetration tester notic...
Physical security assessment, Social engineering, Badge cloning, Access control bypass
- Question #198 Information Gathering and Vulnerability Scanning
A penetration tester wants to find hidden information in documents available on the web at a particular domain. Which of the following should the penetration tester use?
Metadata extraction, Information gathering, Reconnaissance tools, OSINT
- Question #199 Post-exploitation and lateral movement
A penetration tester has gained access to the Chief Executive Officer's (CEO's) internal, corporate email. The next objective is to gain access to the network. Which of the followi...
Post-exploitation, Privilege escalation, Mail server security, Network access
- Question #200 Information Gathering and Vulnerability Scanning
A penetration tester needs to perform a vulnerability scan against a web server. Which of the following tools is the tester MOST likely to choose?
Web Vulnerability Scanning, Penetration Testing Tools, Nikto
- Question #201 Vulnerability discovery and analysis
A penetration tester is testing a new version of a mobile application in a sandbox environment. To intercept and decrypt the traffic between the application and the external API, t...
Certificate pinning, Mobile security, Traffic interception, SSL/TLS troubleshooting
- Question #202 Planning and Scoping
Which of the following concepts defines the specific set of steps and approaches that are conducted during a penetration test?
Penetration testing methodology, Engagement planning, PenTest+ concepts
- Question #203 Attacks and Exploits
A private investigation firm is requesting a penetration test to determine the likelihood that attackers can gain access to mobile devices and then exfiltrate data from those devic...
Social engineering, Mobile device security, Smishing, Malware delivery
- Question #204 Attacks and Exploits
A physical penetration tester needs to get inside an organization's office and collect sensitive information without acting suspiciously or being noticed by the security guards. Th...
Physical penetration testing, Social engineering, Physical access control bypass, Tailgating
- Question #205 Vulnerability discovery and analysis
An Nmap scan of a network switch reveals the following: Which of the following technical controls will most likely be the FIRST recommendation for this device?
Vulnerability Scanning, Device Hardening, Network Security, Security Controls
- Question #206 Reporting and Communication
A penetration tester, who is doing an assessment, discovers an administrator has been exfiltrating proprietary company information. The administrator offers to pay the tester to ke...
Ethics, Reporting procedures, Professional conduct, Client communication
- Question #207 Information Gathering and Vulnerability Scanning
A Chief Information Security Officer wants to evaluate the security of the company's e-commerce application. Which of the following tools should a penetration tester use FIRST to o...
Web application security, Information gathering, Penetration testing tools, Reconnaissance