Free Access CompTIA.PT0-002.v2022-07-29.q85 Practice Test (Page 2)

Question 1

When preparing for an engagement with an enterprise organization, which of the following is one of the MOST important items to develop fully prior to beginning the penetration testing activities?

A.Interview all stakeholders.

B.Obtain an asset inventory from the client.

C.Identify all third parties involved.

D.Clarify the statement of work.

Question 2

In the process of active service enumeration, a penetration tester identifies an SMTP daemon running on one of the target company's servers. Which of the following actions would BEST enable the tester to perform
phishing in a later stage of the assessment?

A.Test for RFC-defined protocol conformance.

B.Attempt to brute force authentication to the service.

C.Perform a reverse DNS query and match to the service banner.

D.Check for an open relay configuration.

Question 3

A penetration tester performs the following command:
curl -I -http2 https://www.comptia.org
Which of the following snippets of output will the tester MOST likely receive?

A.Option D

B.Option C

C.Option A

D.Option B

Question 4

A penetration tester recently completed a review of the security of a core network device within a corporate environment. The key findings are as follows:
* The following request was intercepted going to the network device:
GET /login HTTP/1.1
Host: 10.50.100.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0
Accept-Language: en-US,en;q=0.5
Connection: keep-alive
Authorization: Basic WU9VUilOQU1FOnNlY3JldHBhc3N3b3jk
* Network management interfaces are available on the production network.
* An Nmap scan returned the following:

Which of the following would be BEST to add to the recommendations section of the final report? (Choose two.)

A.Create an out-of-band network for management.

B.Eliminate network management and control interfaces.

C.Disable HTTP/301 redirect configuration.

D.Implement a better method for authentication.

E.Disable or upgrade SSH daemon.

F.Enforce enhanced password complexity requirements.

Question 5

A penetration tester has been given eight business hours to gain access to a client's financial system. Which of the following techniques will have the highest likelihood of success?

A.Dropping a malicious USB key with the company's logo in the parking lot

B.Attempting to tailgate an employee going into the client's workplace

C.Performing spear phishing against employees by posing as senior management

D.Using a brute-force attack against the external perimeter to gain a foothold

Other Version: 712CompTIA.PT0-002.v2025-07-15.q245; 1398CompTIA.PT0-002.v2024-06-12.q330; 1148CompTIA.PT0-002.v2023-02-20.q55; 1267CompTIA.PT0-002.v2022-04-29.q49; 1512CompTIA.PT0-002.v2022-04-23.q65; 95CompTIA.Trainingdump.PT0-002.v2021-12-19.by.barlow.38q.pdf

Latest Upload: 117Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 156TheSecOpsGroup.CNSP.v2025-09-08.q20; 207CFAInstitute.ESG-Investing.v2025-09-08.q173; 155PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 145Salesforce.Data-Architect.v2025-09-05.q216; 138Adobe.AD0-E605.v2025-09-05.q50; 182Nutanix.NCP-MCI-6.10.v2025-09-05.q55; 114Oracle.1z0-591.v2025-09-05.q104

Question 1

Question 2

Question 3

Question 4

Question 5

Download PDF File