Free Access CompTIA.PT0-002.v2024-06-12.q330 Practice Test (Page 33)

Question 156

A penetration tester opened a shell on a laptop at a client's office but is unable to pivot because of restrictive ACLs on the wireless subnet. The tester is also aware that all laptop users have a hard-wired connection available at their desks. Which of the following is the BEST method available to pivot and gain additional access to the network?

A.Capture handshakes from wireless clients to crack.

B.Set up a captive portal with embedded malicious code.

C.Set up another access point and perform an evil twin attack.

D.Span deauthentication packets to the wireless clients.

Question 157

During a penetration test, a tester is in close proximity to a corporate mobile device belonging to a network administrator that is broadcasting Bluetooth frames.
Which of the following is an example of a Bluesnarfing attack that the penetration tester can perform?

A.Sniff and then crack the WPS PIN on an associated WiFi device.

B.Dump the user address book on the device.

C.Break a connection between two Bluetooth devices.

D.Transmit text messages to the device.

Question 158

During a penetration test, a tester is able to change values in the URL from example.com/login.php?id=5 to example.com/login.php?id=10 and gain access to a web application. Which of the following vulnerabilities has the penetration tester exploited?

A.Command injection

B.Broken authentication

C.Direct object reference

D.Cross-site scripting

Question 159

A tester who is performing a penetration test on a website receives the following output:
Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in /var/www/search.php on line 62
Which of the following commands can be used to further attack the website?

A.1 UNION SELECT 1, DATABASE(),3--

B.<script>var adr= '../evil.php?test=' + escape(document.cookie);</script>

C.../../../../../../../../../../etc/passwd

D./var/www/html/index.php;whoami

Question 160

When preparing for an engagement with an enterprise organization, which of the following is one of the MOST important items to develop fully prior to beginning the penetration testing activities?

A.Clarify the statement of work.

B.Obtain an asset inventory from the client.

C.Interview all stakeholders.

D.Identify all third parties involved.

Other Version: 2190CompTIA.PT0-002.v2025-07-15.q245; 1569CompTIA.PT0-002.v2023-02-20.q55; 2293CompTIA.PT0-002.v2022-07-29.q85; 1619CompTIA.PT0-002.v2022-04-29.q49; 1982CompTIA.PT0-002.v2022-04-23.q65; 95CompTIA.Trainingdump.PT0-002.v2021-12-19.by.barlow.38q.pdf

Latest Upload: 203PaloAltoNetworks.NGFW-Engineer.v2026-05-01.q43; 302Nokia.4A0-113.v2026-05-01.q69; 264EC-COUNCIL.312-49v11.v2026-04-30.q214; 230Microsoft.MB-820.v2026-04-30.q101; 213Salesforce.MC-202.v2026-04-30.q57; 207BICSI.INSTC_V8.v2026-04-29.q53; 337NMLS.MLO.v2026-04-28.q82; 245NCARB.Project-Management.v2026-04-28.q27; 466EMC.D-AV-DY-23.v2026-04-27.q184; 1125ServiceNow.CSA.v2026-04-27.q483

Question 156

Question 157

Question 158

Question 159

Question 160

Download PDF File