PT0-002 Dumps

PT0-002 Free Practice Test

CompTIA PT0-002: CompTIA PenTest+ Certification Exam

QUESTION 66

An Nmap scan shows open ports on web servers and databases. A penetration tester decides to run WPScan and SQLmap to identify vulnerabilities and additional information about those systems.
Which of the following is the penetration tester trying to accomplish?

Correct Answer: C

QUESTION 67

When planning a penetration-testing effort, clearly expressing the rules surrounding the optimal time of day for test execution is important because:

Correct Answer: D

QUESTION 68

In the process of active service enumeration, a penetration tester identifies an SMTP daemon running on one of the target company’s servers. Which of the following actions would BEST enable the tester to perform
phishing in a later stage of the assessment?

Correct Answer: D
SMTP is a protocol associated with mail servers. Therefore, for a penetration tester, an open relay configuration can be exploited to launch phishing attacks.

QUESTION 69

Which of the following types of information would MOST likely be included in an application security assessment report addressed to developers? (Choose two.)

Correct Answer: BC

QUESTION 70

Which of the following should a penetration tester consider FIRST when engaging in a penetration test in a cloud environment?

Correct Answer: A