Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

CompTIA PT0-002 Exam

Exam Name: CompTIA PenTest+ Certification Exam
Exam Code: PT0-002
Related Certification(s): CompTIA PenTest+ Certification
Certification Provider: CompTIA
Number of PT0-002 practice questions in our database: 400 (updated: Jun. 04, 2024)
Expected PT0-002 Exam Topics, as suggested by CompTIA :
  • Topic 1: Planning and Scoping: This exam section explores governance and compliance considerations including Payment Card Industry Data Security Standard (PCI DSS) and General Data Protection Regulation (GDPR), etc.
  • Topic 2: Information Gathering and Vulnerability Scanning: This section deals with ensuring active and passive reconnaissance, and evaluating the outcomes of reconnaissance exercises.
  • Topic 3: Attacks and Exploits: This section is about researching attack vectors, executing wireless attacks, and application attacks on cloud networks.
  • Topic 4: Reporting and Communication: This section is about comparing vital elements of written reports, suggesting the right remediations, understanding communication during penetration, and various post-report tasks.
  • Topic 5: Tools and Code Analysis: Describe scripting and software development, study and assess script samples within penetrations, and explain use cases during penetration testing.
Disscuss CompTIA PT0-002 Topics, Questions or Ask Anything Related

Currently there are no comments in this discussion, be the first to comment!

Free CompTIA PT0-002 Exam Actual Questions

Note: Premium Questions for PT0-002 were last updated On Jun. 04, 2024 (see below)

Question #1

Which of the following tools provides Python classes for interacting with network protocols?

Reveal Solution Hide Solution
Correct Answer: B

Impacket is a collection of Python classes focused on providing access to network protocols. It is designed for low-level protocol access and crafted to perform various networking tasks from Python scripts. This toolkit is widely used in penetration testing for creating and decoding network protocols and for crafting and injecting packets into the network. Impacket supports a myriad of protocols like IP, TCP, UDP, ICMP, SMB, MSRPC, NTP, and more. With its vast array of functionalities, Impacket is very useful in protocol testing and attacks, like the ones a penetration tester would conduct.

Responder, on the other hand, is a LLMNR, NBT-NS, and MDNS poisoner that can be used for capturing NetNTLM hashes. Empire is a post-exploitation framework that allows the use of PowerShell for offensive security and PowerSploit is a collection of Microsoft PowerShell modules that can be used to aid penetration testers during all phases of an assessment.

Given these descriptions, Impacket is the tool that fits the context of the question due to its direct interaction with network protocols through Python.


Question #2

A penetration tester approaches a company employee in the smoking area and starts a conversation about the company's recent social event. After a few minutes, the employee holds the badge-protected door open for the penetration tester and both enter the company's building. Which of the following attacks did the penetration tester perform?

Reveal Solution Hide Solution
Correct Answer: D

In this scenario, the penetration tester performed a 'Tailgating' attack (D), where the tester follows closely behind a legitimate employee to gain unauthorized access to a secure area without being noticed. This social engineering technique relies on exploiting human tendencies to be polite or avoid confrontation, rather than using technical hacking methods. The tester engaged the employee in casual conversation to appear less suspicious and took advantage of the situation when the employee, perhaps distracted or feeling socially obliged, held the door open for them.


Question #3

A penetration tester is performing an assessment for an organization and must gather valid user credentials. Which of the following attacks would be best for the tester to use to achieve this objective?

Reveal Solution Hide Solution
Correct Answer: D

Impersonation attacks involve the penetration tester assuming the identity of a valid user to gain unauthorized access to systems or information. This method is particularly effective for gathering valid user credentials, as it can involve tactics such as phishing, social engineering, or exploiting weak authentication processes. The other options, such as Wardriving, Captive portal, and Deauthentication, are more focused on wireless network vulnerabilities and are less direct in obtaining user credentials.


Question #4

A penetration tester approaches a company employee in the smoking area and starts a conversation about the company's recent social event. After a few minutes, the employee holds the badge-protected door open for the penetration tester and both enter the company's building. Which of the following attacks did the penetration tester perform?

Reveal Solution Hide Solution
Correct Answer: D

In this scenario, the penetration tester performed a 'Tailgating' attack (D), where the tester follows closely behind a legitimate employee to gain unauthorized access to a secure area without being noticed. This social engineering technique relies on exploiting human tendencies to be polite or avoid confrontation, rather than using technical hacking methods. The tester engaged the employee in casual conversation to appear less suspicious and took advantage of the situation when the employee, perhaps distracted or feeling socially obliged, held the door open for them.


Question #5

After successfully compromising a remote host, a security consultant notices an endpoint protection software is running on the host. Which of the following commands would be

best for the consultant to use to terminate the protection software and its child processes?

Reveal Solution Hide Solution
Correct Answer: A

The taskkill command is used in Windows to terminate tasks by process ID (PID) or image name (IM). The correct command to terminate a specified process and any child processes which were started by it uses the /T flag, and the /F flag is used to force terminate the process. Therefore, taskkill /PID <PID> /T /F is the correct syntax to terminate the endpoint protection software and its child processes.

The other options listed are either incorrect syntax or do not accomplish the task of terminating the child processes:

* /IM specifies the image name but is not necessary when using /PID.

* /S specifies the remote system to connect to and /U specifies the user context under which the command should execute, neither of which are relevant to terminating processes.

* There is no /P flag in the taskkill command.



Unlock Premium PT0-002 Exam Questions with Advanced Practice Test Features:
  • Select Question Types you want
  • Set your Desired Pass Percentage
  • Allocate Time (Hours : Minutes)
  • Create Multiple Practice tests with Limited Questions
  • Customer Support
Get Full Access Now

Save Cancel