PT0-002 Exam Questions
593 real PT0-002 exam questions with expert-verified answers and explanations. Page 7 of 12.
- Question #310 (Reporting and Communication)
Which of the following actions would BEST explain why a testing team would need to reach out to a customer's emergency contact during an assessment?
Tags: Emergency communication, Incident escalation, Pen testing communication, Compromise detection
- Question #311 (Attacks and Exploits)
An executive needs to use Wi-Fi to connect to the company's server while traveling. Looking for available Wi-Fi connections, the executive notices an available access point to a ho...
Tags: Evil twin attack, Wi-Fi security, Man-in-the-Middle, Wireless network attacks
- Question #312 (Attacks and Exploits)
A penetration tester calls an IT employee and pretends to be the financial director of the company. The penetration tester asks the IT employee to reset the financial director's em...
Tags: Social Engineering, Authority, Urgency, Penetration Testing Techniques
- Question #313 (Reconnaissance and enumeration)
A penetration tester runs the following command: dig @ dns01.comptia.local axfr comptia.local If successful, which of the following types of information would be provided?
Tags: DNS zone transfer, Reconnaissance, Enumeration, dig command
- Question #314 (Tools and Code Analysis)
A company recruited a penetration tester to configure intrusion detection over the wireless network. Which of the following tools would BEST resolve this issue?
Tags: Wireless intrusion detection, Kismet, Wireless security, Penetration testing tools
- Question #315 (Attacks and Exploits)
While performing an assessment on a web application, a penetration tester notices the web browser creates the following request when clicking on the stock status for an item: POST...
Tags: Server-side request forgery, Web application attacks, Parameter tampering, Vulnerability discovery
- Question #316 (Vulnerability discovery and analysis)
following output: Which of the following is the MOST probable cause for this output?
Tags: Error handling, Application security, Vulnerability analysis, Secure coding
- Question #317 (Reporting and Communication)
Which of the following is the MOST secure method for sending the penetration test report to the client?
Tags: Secure Communication, Data Encryption, Public Key Infrastructure, Report Delivery
- Question #318 (Information Gathering and Vulnerability Scanning)
During a vulnerability scanning phase, a penetration tester wants to execute an Nmap scan using custom NSE scripts stored in the following folder: /home/user/scripts Which of the f...
Tags: Nmap, NSE scripts, Vulnerability Scanning, Command-line tools
- Question #319 (Tools and Code Analysis)
Within a Python script, a line that states print (var) outputs the following: [{'1' : 'CentOS', '2' : 'Ubuntu'}, {'1' : 'Windows 10', '2' : 'Windows Server 2016'}] Which of the fol...
Tags: Python, Data structures, Lists, Dictionaries
- Question #320 (Reporting and Communication)
A penetration tester wrote the following comment in the final report: "Eighty-five percent of the systems tested were found to be prone to unauthorized access from the internet." W...
Tags: Report writing, Audience analysis, Executive summary, Risk communication
- Question #321 (Tools and Code Analysis)
During a code review assessment, a penetration tester finds the following vulnerable code inside one of the web application files: <% String id = request.getParameter("id"); %> Emp...
Tags: Web application security, Cross-site scripting (XSS), Output encoding, Vulnerability remediation
- Question #323 (Planning and Scoping)
Which of the following factors would a penetration tester MOST likely consider when testing at a location?
Tags: Legal compliance, Tool usage policy, Pre-engagement activities, Location-specific regulations
- Question #324 (Attacks and Exploits)
A penetration tester who is performing a physical assessment has achieved physical access to a call center for the assessed company. The tester is able to move freely around the ro...
Tags: Physical assessment, Shoulder surfing, Social engineering, Information gathering
- Question #326 (Information Gathering and Vulnerability Scanning)
A company recently moved its software development architecture from VMs to containers. The company has asked a penetration tester to determine if the new containers are configured...
Tags: Container Security, DDoS, Port Scanning, Initial Reconnaissance
- Question #327 (Tools and Code Analysis)
Given the following script: Which of the following describes True?
Tags: Boolean Logic, Programming Fundamentals, Operators, Scripting
- Question #328 (Information Gathering and Vulnerability Scanning)
A security analyst is conducting an unknown environment test from 192.168.3.3. The analyst wants to limit observation of the penetration tester's activities and lower the probabili...
Tags: Nmap, Stealth Scanning, IDS Evasion, Penetration Testing Tools
- Question #329 (Attacks and Exploits)
A penetration tester is validating whether input validation mechanisms have been implemented in a web application. Which of the following should the tester use to determine whether...
Tags: Path Traversal, Web Application Vulnerabilities, Input Validation, Exploitation Techniques
- Question #330 (Attacks and Exploits)
A penetration tester learned that when users request password resets, help desk analysts change users' passwords to 123change. The penetration tester decides to brute force an inte...
Tags: Password spraying, Credential attacks, Web security, Brute-force attack
- Question #331 (Reconnaissance and enumeration)
A penetration tester is conducting an unknown environment test and gathering additional information that can be used for later stages of an assessment. Which of the following would...
Tags: Reconnaissance, OSINT, Code repositories, Information gathering
- Question #332 (Planning and Scoping)
Which of the following is a regulatory compliance standard that focuses on user privacy by implementing the right to be forgotten?
Tags: GDPR, Data privacy, Regulatory compliance, Right to be forgotten
- Question #335 (Information Gathering and Vulnerability Scanning)
A penetration tester who was exclusively authorized to conduct a physical assessment noticed there were no cameras pointed at the dumpster for the target company. The penetration t...
Tags: Dumpster Diving, Physical Reconnaissance, Vulnerability Scanning, Penetration Testing Process
- Question #336 (Attacks and Exploits)
A penetration tester is attempting to get more people from a target company to download and run an executable. Which of the following would be the MOST effective way for the tester...
Tags: Social Engineering, Phishing, Pretexting, User Exploitation
- Question #337 (Planning and Scoping)
Which of the following documents describes activities that are prohibited during a scheduled penetration test?
Tags: Penetration testing documents, Rules of Engagement (ROE), Scoping, Prohibited activities
- Question #338 (Information Gathering and Vulnerability Scanning)
While performing the scanning phase of a penetration test, the penetration tester runs the following command: nmap -n -vv -sV -p- 10.10.10.23-28 After the Nmap scan is finished, th...
Tags: Nmap, Host Discovery, Port Scanning, Troubleshooting
- Question #339 (Attacks and Exploits)
A penetration tester wants to accomplish ARP poisoning as part of an attack. Which of the following tools will the tester MOST likely utilize?
Tags: ARP poisoning, Ettercap, MITM attacks, Penetration testing tools
- Question #340 (Vulnerability discovery and analysis)
A penetration tester executes the following Nmap command and obtains the following output: Which of the following commands would BEST help the penetration tester discover an exploi...
Tags: Nmap NSE, Vulnerability Discovery, MySQL, Information Gathering
- Question #341 (Attacks and Exploits)
During enumeration, a red team discovered that an external web server was frequented by employees. After compromising the server, which of the following attacks would BEST support...
Tags: Watering Hole Attack, Red Team Strategy, Initial Access, Client-Side Exploitation
- Question #342 (Attacks and Exploits)
A penetration tester is developing exploits to attack multiple versions of a common software package. The versions have different menus and features, but they have a common log-in...
Tags: Exploit development, Code reuse, Programming concepts, Penetration testing
- Question #343 (Information Gathering and Vulnerability Scanning)
Which of the following tools would be BEST suited to perform a cloud security assessment?
Tags: Cloud Security Assessment, Security Tools, Cloud Configuration, Auditing Tools
- Question #344 (Attacks and Exploits)
During the assessment of a client's cloud and on-premises environments, a penetration tester was able to gain ownership of a storage object within the cloud environment using the p...
Tags: Federation misconfiguration, Identity and Access Management (IAM), Cloud security, Privilege escalation
- Question #345 (Post-exploitation and lateral movement)
A penetration tester wrote the following script on a compromised system: Which of the following would explain using this script instead of another tool?
Tags: Custom Scripting, Post-exploitation, Information Gathering, Tool Selection
- Question #346 (Attacks and Exploits)
During an assessment, a penetration tester inspected a log and found a series of thousands of requests coming from a single IP address to the same URL. A few of the requests are li...
Tags: Insecure Direct Object Reference (IDOR), Web Vulnerabilities, Log Analysis, Automated Exploitation
- Question #347 (Vulnerability discovery and analysis)
During a routine penetration test of a customer's physical data center, a penetration tester observes that no changes have been made to the production firewalls in more than five y...
Tags: Remediation, SSH Key Management, Security Best Practices, Network Security
- Question #348 (Post-exploitation and lateral movement)
After compromising a system, a penetration tester wants more information in order to decide what actions to take next. The tester runs the following commands: Which of the followin...
Tags: Metadata service attack, Cloud security, Post-exploitation, Information gathering
- Question #349 (Information Gathering and Vulnerability Scanning)
During a vulnerability scan a penetration tester enters the following Nmap command against all of the non-Windows clients: nmap -sX -T4 -p 21-25, 67, 80, 139, 8080 192.168.11.191 T...
Tags: Nmap, Port scanning, TCP flags, Xmas scan
- Question #350 (Vulnerability discovery and analysis)
In Java C/C++, variable initialization is critical because:
Tags: Variable Initialization, Programming Fundamentals, Data Integrity, Unexpected Behavior
- Question #351 (Vulnerability discovery and analysis)
During a client engagement, a penetration tester runs the following Nmap command and obtains the following output: Which of the following should the penetration tester include in t...
Tags: Nmap scanning, SSL/TLS vulnerabilities, Weak ciphers, Vulnerability reporting
- Question #352 (Attacks and Exploits)
A penetration tester is reviewing the security of a web application running in an IaaS compute instance. Which of the following payloads should the tester send to get the running p...
Tags: Local File Inclusion, Path Traversal, Credential Disclosure, Web Application Exploitation
- Question #353 (Reporting and Communication)
A penetration tester gains access to a web server and notices a large number of devices in the system ARP table. Upon scanning the web server, the tester determines that many of th...
Tags: Network segmentation, DMZ, Web server security, Remediation
- Question #354 (Reconnaissance and enumeration)
In a wireless network assessment, penetration testers would like to discover and gather information about accessible wireless networks in the target area. Which of the following is...
Tags: Wireless network assessment, Wardriving, Reconnaissance, Information gathering
- Question #355 (Reporting and Communication)
After performing a web penetration test, a security consultant is ranking the findings by criticality. Which of the following standards or methodologies would be best for the consu...
Tags: Web penetration testing, Vulnerability ranking, OWASP Top 10, Criticality assessment
- Question #356 (Attacks and Exploits)
A penetration tester is performing an assessment against a customer's web application that is hosted in a major cloud provider's environment. The penetration tester observes that t...
Tags: WAF bypass, Cloud security, Web application attacks, Direct-to-origin attack
- Question #357 (Attacks and Exploits)
A penetration tester is conducting an assessment on 192.168.1.112. Given the following output: Which of the following is the penetration tester conducting?
Tags: Brute force, Authentication attacks, Attack techniques, Penetration testing
- Question #358 (Reconnaissance and enumeration)
During passive reconnaissance of a target organization's infrastructure, a penetration tester wants to identify key contacts and job responsibilities within the company. Which of t...
Tags: Passive reconnaissance, OSINT, Social media intelligence, Target identification
- Question #360 (Planning and Scoping)
Which of the following documents would be the most helpful in determining who is at fault for a temporary outage that occurred during a penetration test?
Tags: Penetration Test Documentation, Rules of Engagement, Scope Definition, Incident Management
- Question #361 (Reporting and Communication)
A penetration tester discovers passwords in a publicly available data breach during the reconnaissance phase of the penetration test. Which of the following is the best action for...
Tags: Client Communication, Ethical Hacking, Data Breach, Reconnaissance Phase
- Question #362 (Attacks and Exploits)
A penetration tester is trying to bypass an active response tool that blocks IP addresses that have more than 100 connections per minute. Which of the following commands would allo...
Tags: Nmap, Evasion, Rate Limiting Bypass, Active Response Tool
- Question #363 (Reporting and Communication)
During an engagement with a financial institution, a penetration tester found hard-coded credentials in a publicly accessible code repository. Those credentials allowed the penetra...
Tags: Incident Handling, Ethical Hacking, Vulnerability Disclosure, Customer Communication
- Question #365 (Information Gathering and Vulnerability Scanning)
A security engineer is trying to bypass a network IPS that isolates the source when the scan exceeds 100 packets per minute. The scope of the scan is to identify web servers in the...
Tags: Nmap, IDS/IPS Evasion, Port Scanning, Rate Limiting