Free Access CompTIA.PT0-002.v2023-02-20.q55 Practice Test (Page 4)

Question 11

A consulting company is completing the ROE during scoping.
Which of the following should be included in the ROE?

A.Report distribution

B.Cost ofthe assessment

C.Liability

D.Testing restrictions

Question 12

When preparing for an engagement with an enterprise organization, which of the following is one of the MOST important items to develop fully prior to beginning the penetration testing activities?

A.Identify all third parties involved.

B.Clarify the statement of work.

C.Obtain an asset inventory from the client.

D.Interview all stakeholders.

Question 13

A penetration tester is looking for a vulnerability that enables attackers to open doors via a specialized TCP service that is used for a physical access control system. The service exists on more than 100 different hosts, so the tester would like to automate the assessment. Identification requires the penetration tester to:
Have a full TCP connection
Send a "hello" payload
Walt for a response
Send a string of characters longer than 16 bytes
Which of the following approaches would BEST support the objective?

A.Run nmap -Pn -sV -script vuln <IP address>.

B.Employ an OpenVAS simple scan against the TCP port of the host.

C.Create a script in the Lua language and use it with NSE.

D.Perform a credentialed scan with Nessus.

Question 14

Which of the following describes the reason why a penetration tester would run the command sdelete mimikatz. * on a Windows server that the tester compromised?

A.To remove the tester-created Mimikatz account

B.To remove tools from the server

C.To remove hash-cracking registry entries

D.To remove a reverse shell from the system

Question 15

A penetration tester has identified several newly released CVEs on a VoIP call manager. The scanning tool the tester used determined the possible presence of the CVEs based off the version number of the service. Which of the following methods would BEST support validation of the possible findings?

A.Review SIP traffic from an on-path position to look for indicators of compromise

B.Test with proof-of-concept code from an exploit database

C.Manually check the version number of the VoIP service against the CVE release

D.Utilize an nmap -sV scan against the service

Other Version: 713CompTIA.PT0-002.v2025-07-15.q245; 1398CompTIA.PT0-002.v2024-06-12.q330; 1742CompTIA.PT0-002.v2022-07-29.q85; 1267CompTIA.PT0-002.v2022-04-29.q49; 1513CompTIA.PT0-002.v2022-04-23.q65; 95CompTIA.Trainingdump.PT0-002.v2021-12-19.by.barlow.38q.pdf

Latest Upload: 101OCEG.GRCP.v2025-09-11.q211; 101HP.HPE0-V27.v2025-09-11.q78; 117Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 164TheSecOpsGroup.CNSP.v2025-09-08.q20; 222CFAInstitute.ESG-Investing.v2025-09-08.q173; 156PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 146Salesforce.Data-Architect.v2025-09-05.q216; 139Adobe.AD0-E605.v2025-09-05.q50

Question 11

Question 12

Question 13

Question 14

Question 15

Download PDF File