Free Access CompTIA.PT0-002.v2022-04-23.q65 Practice Test (Page 4)

Question 11

A penetration tester is able to capture the NTLM challenge-response traffic between a client and a server.
Which of the following can be done with the pcap to gain access to the server?

A.Perform vertical privilege escalation.

B.Use John the Ripper to crack the password.

C.Replay the captured traffic to the server to recreate the session.

D.Utilize a pass-the-hash attack.

Question 12

A penetration tester has obtained root access to a Linux-based file server and would like to maintain persistence after reboot. Which of the following techniques would BEST support this objective?

A.Create a one-shot systemd service to establish a reverse shell.

B.Run the nc -e /bin/sh <...> command.

C.Obtain /etc/shadow and brute force the root password.

D.Move laterally to create a user account on LDAP

Question 13

A penetration tester wants to identify CVEs that can be leveraged to gain execution on a Linux server that has an SSHD running. Which of the following would BEST support this task?

A.Run nmap with the -sA option set against the target

B.Run nmap with the -sV and -p22 options set against the target

C.Run nmap with the -o, -p22, and -sC options set against the target

D.Run nmap with the --script vulners option set against the target

Question 14

A penetration tester wants to identify CVEs that can be leveraged to gain execution on a Linux server that has an SSHD running. Which of the following would BEST support this task?

A.Run nmap with the -sV and -p22 options set against the target

B.Run nmap with the --script vulners option set against the target

C.Run nmap with the -o, -p22, and -sC options set against the target

D.Run nmap with the -sA option set against the target

Question 15

A penetration tester has gained access to a network device that has a previously unknown IP range on an interface. Further research determines this is an always-on VPN tunnel to a third-party supplier.
Which of the following is the BEST action for the penetration tester to take?

A.Stop the assessment and inform the emergency contact.

B.Utilize the tunnel as a means of pivoting to other internal devices.

C.Disregard the IP range, as it is out of scope.

D.Scan the IP range for additional systems to exploit.

Other Version: 714CompTIA.PT0-002.v2025-07-15.q245; 1398CompTIA.PT0-002.v2024-06-12.q330; 1159CompTIA.PT0-002.v2023-02-20.q55; 1742CompTIA.PT0-002.v2022-07-29.q85; 1267CompTIA.PT0-002.v2022-04-29.q49; 95CompTIA.Trainingdump.PT0-002.v2021-12-19.by.barlow.38q.pdf

Latest Upload: 101OCEG.GRCP.v2025-09-11.q211; 101HP.HPE0-V27.v2025-09-11.q78; 117Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 164TheSecOpsGroup.CNSP.v2025-09-08.q20; 222CFAInstitute.ESG-Investing.v2025-09-08.q173; 157PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 146Salesforce.Data-Architect.v2025-09-05.q216; 140Adobe.AD0-E605.v2025-09-05.q50

Question 11

Question 12

Question 13

Question 14

Question 15

Download PDF File