CompTIA PT0-002 Exam Dumps PDF

CompTIA PenTest+ Certification Exam

Total Questions: 278
Update Date: June 05, 2024

PDF + Test Engine $65
Test Engine $55
PDF $45

  • Last Update on June 05, 2024
  • 100% Passing Guarantee of PT0-002 Exam
  • 90 Days Free Updates of PT0-002 Exam
  • Full Money Back Guarantee on PT0-002 Exam

DumpsFactory is forever best for your CompTIA PT0-002 exam preparation.

For your best practice we are providing you free questions with valid answers for the exam of CompTIA, to practice for this material you just need sign up to our website for a free account. A large bundle of customers all over the world is getting advantages by our CompTIA PT0-002 dumps. We are providing 100% passing guarantee for your PT0-002 that you will get more high grades by using our material which is prepared by our most distinguish and most experts team.

Most regarded plan to pass your CompTIA PT0-002 exam:

We have hired most extraordinary and most familiar experts in this field, who are so talented in preparing the material, that there prepared material can succeed you in getting the high grades in CompTIA PT0-002 exams in one day. That is why DumpsFactory available for your assistance 24/7.

Easily accessible for mobile user:

Mobile users can easily get updates and can download the CompTIA PT0-002 material in PDF format after purchasing our material and can study it any time in their busy life when they have desire to study.

Get Pronto CompTIA PT0-002 Questions and Answers

By using our material you can succeed in CompTIA PT0-002 exam in your first attempt because we update our material regularly for new questions and answers for CompTIA PT0-002 exam.

Notorious and experts present CompTIA PT0-002 Dumps PDF

Our most extraordinary experts are too much familiar and experienced with the behaviour of CompTIA Exams that they prepared such beneficial material for our users.

Guarantee for Your Investment

DumpsFactory wants that their customers increased more rapidly, so we are providing to our customer with the most demanded and updated questions to pass CompTIA PT0-002 Exam. You can claim for your investment by using our money back policy if you have not been availed with our promised facilities for the CompTIA exams. For details visit to Refund Contract.

Question 1

During an assessment, a penetration tester gathered OSINT for one of the IT systems administrators from the target company and managed to obtain valuable information, including corporate email addresses. Which of the following techniques should the penetration tester perform NEXT?

A. Badge cloning 
B. Watering-hole attack 
C. Impersonation 
D. Spear phishing

Answer: D

Question 2

An exploit developer is coding a script that submits a very large number of small requests to a web server until the server is compromised. The script must examine each response received and compare the data to a large number of strings to determine which data to submit next. Which of the following data structures should the exploit developer use to make the string comparison and determination as efficient as possible? 

A. A list 
B. A tree 
C. A dictionary 
D. An array 

Answer: C

Question 3

A penetration tester who is performing a physical assessment of a company’s security practices notices the company does not have any shredders inside the office building. Which of the following techniques would be BEST to use to gain confidential information? 

A. Badge cloning 
B. Dumpster diving 
C. Tailgating 
D. Shoulder surfing 

Answer: B

Question 4

A penetration tester initiated the transfer of a large data set to verify a proof-of-concept attack as permitted by the ROE. The tester noticed the client's data included PII, which is out of scope, and immediately stopped the transfer. Which of the following MOST likely explains the penetration tester's decision? 

A. The tester had the situational awareness to stop the transfer. 
B. The tester found evidence of prior compromise within the data set. 
C. The tester completed the assigned part of the assessment workflow. 
D. The tester reached the end of the assessment time frame. 

Answer: A

Question 5

A penetration tester would like to obtain FTP credentials by deploying a workstation as an on-path attack between the target and the server that has the FTP protocol. Which of the following methods would be the BEST to accomplish this objective? 

A. Wait for the next login and perform a downgrade attack on the server. 
B. Capture traffic using Wireshark. 
C. Perform a brute-force attack over the server. 
D. Use an FTP exploit against the server. 

Answer: B

Question 6

Given the following output: User-agent:* Disallow: /author/ Disallow: /xmlrpc.php Disallow: /wp-admin Disallow: /page/ During which of the following activities was this output MOST likely obtained? 

A. Website scraping 
B. Website cloning
 C. Domain enumeration 
D. URL enumeration 

Answer: A

Question 7

A penetration tester is starting an assessment but only has publicly available information about the target company. The client is aware of this exercise and is preparing for the test. Which of the following describes the scope of the assessment? 

A. Partially known environment testing 
B. Known environment testing 
C. Unknown environment testing 
D. Physical environment testing 

Answer: C

Question 8

A company’s Chief Executive Officer has created a secondary home office and is concerned that the WiFi service being used is vulnerable to an attack. A penetration tester is hired to test the security of the WiFi’s router. Which of the following is MOST vulnerable to a brute-force attack? 

A. WPS 
B. WPA2-EAP 
C. WPA-TKIP
 D. WPA2-PSK 

Answer: A

Question 9

Which of the following protocols or technologies would provide in-transit confidentiality protection for emailing the final security assessment report? 

A. S/MIME 
B. FTPS 
C. DNSSEC 
D. AS2 

Answer: A

Question 10

A penetration tester who is conducting a web-application test discovers a clickjacking vulnerability associated with a login page to financial data. Which of the following should the tester do with this information to make this a successful exploit? 

A. Perform XSS. 
B. Conduct a watering-hole attack. 
C. Use BeEF. 
D. Use browser autopwn. 

Answer: A