Free Access CompTIA.PT0-002.v2024-06-12.q330 Practice Test (Page 29)

Question 136

In the process of active service enumeration, a penetration tester identifies an SMTP daemon running on one of the target company's servers. Which of the following actions would BEST enable the tester to perform
phishing in a later stage of the assessment?

A.Test for RFC-defined protocol conformance.

B.Attempt to brute force authentication to the service.

C.Perform a reverse DNS query and match to the service banner.

D.Check for an open relay configuration.

Question 137

Which of the following BEST describe the OWASP Top 10? (Choose two.)

A.A checklist of Apache vulnerabilities

B.The most critical risks of web applications

C.A risk-governance and compliance framework

D.The risks defined in order of importance

E.A web-application security standard

F.A list of all the risks of web applications

Question 138

During an internal penetration test against a company, a penetration tester was able to navigate to another part of the network and locate a folder containing customer information such as addresses, phone numbers, and credit card numbers. To be PCI compliant, which of the following should the company have implemented to BEST protect this data?

A.Vulnerability scanning

B.Intrusion detection

C.Network segmentation

D.System hardening

Question 139

A red team gained access to the internal network of a client during an engagement and used the Responder tool to capture important data. Which of the following was captured by the testing team?

A.User hashes sent over SMB

B.Encrypted file transfers

C.Multiple handshakes

D.IP addresses

Question 140

A penetration tester would like to obtain FTP credentials by deploying a workstation as an on-path attack between the target and the server that has the FTP protocol. Which of the following methods would be the BEST to accomplish this objective?

A.Wait for the next login and perform a downgrade attack on the server.

B.Perform a brute-force attack over the server.

C.Capture traffic using Wireshark.

D.Use an FTP exploit against the server.

Other Version: 2190CompTIA.PT0-002.v2025-07-15.q245; 1569CompTIA.PT0-002.v2023-02-20.q55; 2293CompTIA.PT0-002.v2022-07-29.q85; 1619CompTIA.PT0-002.v2022-04-29.q49; 1982CompTIA.PT0-002.v2022-04-23.q65; 95CompTIA.Trainingdump.PT0-002.v2021-12-19.by.barlow.38q.pdf

Latest Upload: 203PaloAltoNetworks.NGFW-Engineer.v2026-05-01.q43; 302Nokia.4A0-113.v2026-05-01.q69; 261EC-COUNCIL.312-49v11.v2026-04-30.q214; 230Microsoft.MB-820.v2026-04-30.q101; 212Salesforce.MC-202.v2026-04-30.q57; 207BICSI.INSTC_V8.v2026-04-29.q53; 336NMLS.MLO.v2026-04-28.q82; 244NCARB.Project-Management.v2026-04-28.q27; 466EMC.D-AV-DY-23.v2026-04-27.q184; 1124ServiceNow.CSA.v2026-04-27.q483

Question 136

Question 137

Question 138

Question 139

Question 140

Download PDF File