CompTIA PT0-002: CompTIA PenTest+ Certification Exam

QUESTION 36

A penetration tester conducted an assessment on a web server. The logs from this session show the following:
http://www.thecompanydomain.com/servicestatus.php?serviceID=892&serviceID=892 ' ; DROP TABLE SERVICES; -
Which of the following attacks is being attempted?

Correct Answer: C

QUESTION 37

In an unprotected network file repository, a penetration tester discovers a text file containing usernames and passwords in cleartext and a spreadsheet containing data for 50 employees, including full names, roles, and serial numbers. The tester realizes some of the passwords in the text file follow the format: . Which of the following would be the best action for the tester to take NEXT with this information?

Correct Answer: D

QUESTION 38

Which of the following provides a matrix of common tactics and techniques used by attackers along with recommended mitigations?

Correct Answer: C

QUESTION 39

Which of the following should a penetration tester do NEXT after identifying that an application being tested has already been compromised with malware?

Correct Answer: E

QUESTION 40

Which of the following BEST describes why a client would hold a lessons-learned meeting with the penetration-testing team?

Correct Answer: C