Summer Special Sale - 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: best70

Page: 1 / 14
Total 139 questions
Exam Code: PT0-002                Update: Jul 18, 2026
Exam Name: CompTIA PenTest+ Certification Exam

CompTIA CompTIA PenTest+ Certification Exam PT0-002 Exam Dumps: Updated Questions & Answers (July 2026)

Question # 1

A penetration tester is examining a Class C network to identify active systems quickly. Which of the following commands should the penetration tester use?

A.

nmap גsn 192.168.0.1/16

B.

nmap גsn 192.168.0.1-254

C.

nmap גsn 192.168.0.1 192.168.0.1.254

D.

nmap גsN 192.168.0.0/24

Question # 2

In the process of active service enumeration, a penetration tester identifies an SMTP daemon running on one of the target company’s servers. Which of the following actions would BEST enable the tester to perform

phishing in a later stage of the assessment?

A.

Test for RFC-defined protocol conformance.

B.

Attempt to brute force authentication to the service.

C.

Perform a reverse DNS query and match to the service banner.

D.

Check for an open relay configuration.

Question # 3

Which of the following is the MOST effective person to validate results from a penetration test?

A.

Third party

B.

Team leader

C.

Chief Information Officer

D.

Client

Question # 4

A penetration tester finds a PHP script used by a web application in an unprotected internal source code repository. After reviewing the code, the tester identifies the following:

Which of the following tools will help the tester prepare an attack for this scenario?

A.

Hydra and crunch

B.

Netcat and cURL

C.

Burp Suite and DIRB

D.

Nmap and OWASP ZAP

Question # 5

A penetration tester was conducting a penetration test and discovered the network traffic was no longer reaching the client’s IP address. The tester later discovered the SOC had used sinkholing on the penetration tester’s IP address. Which of the following BEST describes what happened?

A.

The penetration tester was testing the wrong assets

B.

The planning process failed to ensure all teams were notified

C.

The client was not ready for the assessment to start

D.

The penetration tester had incorrect contact information

Question # 6

A penetration tester completed a vulnerability scan against a web server and identified a single but severe vulnerability.

Which of the following is the BEST way to ensure this is a true positive?

A.

Run another scanner to compare.

B.

Perform a manual test on the server.

C.

Check the results on the scanner.

D.

Look for the vulnerability online.

Question # 7

When developing a shell script intended for interpretation in Bash, the interpreter /bin/bash should be explicitly specified. Which of the following character combinations should be used on the first line of the script to accomplish this goal?

A.

<#

B.

<$

C.

##

D.

#$

E.

#!

Question # 8

A penetration tester was brute forcing an internal web server and ran a command that produced the following output:

However, when the penetration tester tried to browse the URL http://172.16.100.10:3000/profile , a blank page was displayed.

Which of the following is the MOST likely reason for the lack of output?

A.

The HTTP port is not open on the firewall.

B.

The tester did not run sudo before the command.

C.

The web server is using HTTPS instead of HTTP.

D.

This URI returned a server error.

Question # 9

A penetration tester who is doing a company-requested assessment would like to send traffic to another system using double tagging. Which of the following techniques would BEST accomplish this goal?

A.

RFID cloning

B.

RFID tagging

C.

Meta tagging

D.

Tag nesting

Question # 10

A penetration tester is starting an assessment but only has publicly available information about the target company. The client is aware of this exercise and is preparing for the test.

Which of the following describes the scope of the assessment?

A.

Partially known environment testing

B.

Known environment testing

C.

Unknown environment testing

D.

Physical environment testing

Page: 1 / 14
Total 139 questions

Most Popular Certification Exams

Payment

       

Contact us

Site Secure

mcafee secure

TESTED 18 Jul 2026