Free Access CompTIA.PT0-002.v2023-02-20.q55 Practice Test (Page 8)

Question 31

A client has requested that the penetration test scan include the following UDP services: SNMP, NetBIOS, and DNS. Which of the following Nmap commands will perform the scan?

A.nmap -vv sUV -p 53, 123-159 10.10.1.20/24 -oA udpscan

B.nmap -vv sUV -p 53,123,161-162 10.10.1.20/24 -oA udpscan

C.nmap -vv sUV -p 53,137-139,161-162 10.10.1.20/24 -oA udpscan

D.nmap -vv sUV -p 53, 122-123, 160-161 10.10.1.20/24 -oA udpscan

Question 32

Penetration-testing activities have concluded, and the initial findings have been reviewed with the client. Which of the following best describes the NEXT step in the engagement?

A.Scheduling of follow-up actions and retesting

B.Attestation of findings and delivery of the report

C.Review of the lessons learned during the engagement

D.Acceptance by the client and sign-off on the final report

Question 33

Which of the following protocols or technologies would provide in-transit confidentiality protection for emailing the final security assessment report?

A.AS2

B.DNSSEC

C.S/MIME

D.FTPS

Question 34

A penetration tester ran the following commands on a Windows server:

Which of the following should the tester do AFTER delivering the final report?

A.Downgrade the svsaccount permissions.

B.Delete the scheduled batch job.

C.Remove the tester-created credentials.

D.Close the reverse shell connection.

Question 35

A penetration tester is reviewing the following SOW prior to engaging with a client:
"Network diagrams, logical and physical asset inventory, and employees' names are to be treated as client confidential. Upon completion of the engagement, the penetration tester will submit findings to the client's Chief Information Security Officer (CISO) via encrypted protocols and subsequently dispose of all findings by erasing them in a secure manner." Based on the information in the SOW, which of the following behaviors would be considered unethical? (Choose two.)

A.Utilizing proprietary penetration-testing tools that are not available to the public or to the client for auditing and inspection

B.Using a software-based erase tool to wipe the client's findings from the penetration tester's laptop

C.Failing to share with the client critical vulnerabilities that exist within the client architecture to appease the client's senior leadership team

D.Seeking help with the engagement in underground hacker forums by sharing the client's public IP address

E.Retaining the SOW within the penetration tester's company for future use so the sales team can plan future engagements

F.Utilizing public-key cryptography to ensure findings are delivered to the CISO upon completion of the engagement

Other Version: 713CompTIA.PT0-002.v2025-07-15.q245; 1398CompTIA.PT0-002.v2024-06-12.q330; 1742CompTIA.PT0-002.v2022-07-29.q85; 1267CompTIA.PT0-002.v2022-04-29.q49; 1513CompTIA.PT0-002.v2022-04-23.q65; 95CompTIA.Trainingdump.PT0-002.v2021-12-19.by.barlow.38q.pdf

Latest Upload: 101OCEG.GRCP.v2025-09-11.q211; 101HP.HPE0-V27.v2025-09-11.q78; 117Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 164TheSecOpsGroup.CNSP.v2025-09-08.q20; 222CFAInstitute.ESG-Investing.v2025-09-08.q173; 156PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 146Salesforce.Data-Architect.v2025-09-05.q216; 139Adobe.AD0-E605.v2025-09-05.q50

Question 31

Question 32

Question 33

Question 34

Question 35

Download PDF File