CompTIA PenTest+ Certification - PT0-002 Exam Practice Test

A penetration tester is conducting an engagement against an internet-facing web application and planning a phishing campaign. Which of the following is the BEST passive method of obtaining the technical contacts for the website?
Correct Answer: D Vote an answer
Explanation: Only visible for PassTestking members. You can sign-up / login (it's free).
A penetration tester is trying to bypass an active response tool that blocks IP addresses that have more than 100 connections per minute. Which of the following commands would allow the tester to finish the test without being blocked?
Correct Answer: C Vote an answer
Explanation: Only visible for PassTestking members. You can sign-up / login (it's free).
Penetration tester who was exclusively authorized to conduct a physical assessment noticed there were no cameras pointed at the dumpster for company. The penetration tester returned at night and collected garbage that contained receipts for recently purchased networking :. The models of equipment purchased are vulnerable to attack. Which of the following is the most likely next step for the penetration?
Correct Answer: D Vote an answer
Explanation: Only visible for PassTestking members. You can sign-up / login (it's free).
A penetration tester has been contracted to review wireless security. The tester has deployed a malicious wireless AP that mimics the configuration of the target enterprise WiFi. The penetration tester now wants to try to force nearby wireless stations to connect to the malicious AP. Which of the following steps should the tester take NEXT?
Correct Answer: D Vote an answer
Explanation: Only visible for PassTestking members. You can sign-up / login (it's free).
A penetration tester is hired to test a client's systems. The client's systems are hosted by the client at its headquarters. The production environment is hosted by a private cloud-hosting company. Which of the following would be the most important for the penetration tester to determine before beginning the test?
Correct Answer: D Vote an answer
Explanation: Only visible for PassTestking members. You can sign-up / login (it's free).
Which of the following describes the reason why a penetration tester would run the command sdelete mimikatz. * on a Windows server that the tester compromised?
Correct Answer: C Vote an answer
A penetration tester is testing a company's public API and discovers that specific input allows the execution of arbitrary commands on the base operating system. Which of the following actions should the penetration tester take next?
Correct Answer: D Vote an answer
Explanation: Only visible for PassTestking members. You can sign-up / login (it's free).
Which of the following documents is agreed upon by all parties associated with the penetration-testing engagement and defines the scope, contacts, costs, duration, and deliverables?
Correct Answer: B Vote an answer
Explanation: Only visible for PassTestking members. You can sign-up / login (it's free).
Which of the following types of communication should a penetration tester provide a client to document test results for PCI DSS compliance?
Correct Answer: B Vote an answer
Explanation: Only visible for PassTestking members. You can sign-up / login (it's free).