Free Access CompTIA.PT0-002.v2024-06-12.q330 Practice Test (Page 59)

Question 286

A penetration-testing team needs to test the security of electronic records in a company's office. Per the terms of engagement, the penetration test is to be conducted after hours and should not include circumventing the alarm or performing destructive entry. During outside reconnaissance, the team sees an open door from an adjoining building. Which of the following would be allowed under the terms of the engagement?

A.Prying the lock open on the records room

B.Climbing in an open window of the adjoining building

C.Presenting a false employee ID to the night guard

D.Obstructing the motion sensors in the hallway of the records room

Question 287

In an unprotected network file repository, a penetration tester discovers a text file containing usernames and passwords in cleartext and a spreadsheet containing data for 50 employees, including full names, roles, and serial numbers. The tester realizes some of the passwords in the text file follow the format: <name- serial_number>. Which of the following would be the best action for the tester to take NEXT with this information?

A.Document the unprotected file repository as a finding in the penetration-testing report.

B.Recommend using a password manage/vault instead of text files to store passwords securely.

C.Create a custom password dictionary as preparation for password spray testing.

D.Recommend configuring password complexity rules in all the systems and applications.

Question 288

During a penetration test, a tester is in close proximity to a corporate mobile device belonging to a network administrator that is broadcasting Bluetooth frames.
Which of the following is an example of a Bluesnarfing attack that the penetration tester can perform?

A.Sniff and then crack the WPS PIN on an associated WiFi device.

B.Break a connection between two Bluetooth devices.

C.Dump the user address book on the device.

D.Transmit text messages to the device.

Question 289

After gaining access to a previous system, a penetration tester runs an Nmap scan against a network with the following results:

The tester then runs the following command from the previous exploited system, which fails:
Which of the following explains the reason why the command failed?

A.PowerShell requires administrative privilege.

B.The command requires the -port 135 option.

C.The tester input the incorrect IP address.

D.An account for RDP does not exist on the server.

Question 290

A company becomes concerned when the security alarms are triggered during a penetration test. Which of the following should the company do NEXT?

A.Halt the penetration test.

B.Contact law enforcement.

C.Deconflict with the penetration tester.

D.Assume the alert is from the penetration test.

Other Version: 2190CompTIA.PT0-002.v2025-07-15.q245; 1565CompTIA.PT0-002.v2023-02-20.q55; 2292CompTIA.PT0-002.v2022-07-29.q85; 1616CompTIA.PT0-002.v2022-04-29.q49; 1981CompTIA.PT0-002.v2022-04-23.q65; 95CompTIA.Trainingdump.PT0-002.v2021-12-19.by.barlow.38q.pdf

Latest Upload: 200PaloAltoNetworks.NGFW-Engineer.v2026-05-01.q43; 292Nokia.4A0-113.v2026-05-01.q69; 251EC-COUNCIL.312-49v11.v2026-04-30.q214; 227Microsoft.MB-820.v2026-04-30.q101; 207Salesforce.MC-202.v2026-04-30.q57; 204BICSI.INSTC_V8.v2026-04-29.q53; 332NMLS.MLO.v2026-04-28.q82; 241NCARB.Project-Management.v2026-04-28.q27; 457EMC.D-AV-DY-23.v2026-04-27.q184; 1109ServiceNow.CSA.v2026-04-27.q483

Question 286

Question 287

Question 288

Question 289

Question 290

Download PDF File