Online Access Free CompTIA.PT0-002.v2021-11-22.q40 Practice Test (Page 5)

PT0-002 Exam Question 16

Which of the following web-application security risks are part of the OWASP Top 10 v2017? (Choose two.)

A.Race-condition attacks

B.Zero-day attacks

C.Ransomware attacks

D.Buffer overflows

E.Cross-site scripting

F.Injection flaws

PT0-002 Exam Question 17

A penetration tester has been given eight business hours to gain access to a client's financial system. Which of the following techniques will have the highest likelihood of success?

A.Performing spear phishing against employees by posing as senior management

B.Dropping a malicious USB key with the company's logo in the parking lot

C.Using a brute-force attack against the external perimeter to gain a foothold

D.Attempting to tailgate an employee going into the client's workplace

PT0-002 Exam Question 18

A penetration tester is reviewing the following SOW prior to engaging with a client:
"Network diagrams, logical and physical asset inventory, and employees' names are to be treated as client confidential. Upon completion of the engagement, the penetration tester will submit findings to the client's Chief Information Security Officer (CISO) via encrypted protocols and subsequently dispose of all findings by erasing them in a secure manner." Based on the information in the SOW, which of the following behaviors would be considered unethical? (Choose two.)

A.Seeking help with the engagement in underground hacker forums by sharing the client's public IP address

B.Failing to share with the client critical vulnerabilities that exist within the client architecture to appease the client's senior leadership team

C.Using a software-based erase tool to wipe the client's findings from the penetration tester's laptop

D.Utilizing proprietary penetration-testing tools that are not available to the public or to the client for auditing and inspection

E.Utilizing public-key cryptography to ensure findings are delivered to the CISO upon completion of the engagement

F.Retaining the SOW within the penetration tester's company for future use so the sales team can plan future engagements

PT0-002 Exam Question 19

A penetration tester discovers that a web server within the scope of the engagement has already been compromised with a backdoor. Which of the following should the penetration tester do NEXT?

A.Utilize the backdoor in support of the engagement

B.Continue the engagement and include the backdoor finding in the final report

C.Inform the customer immediately about the backdoor

D.Forensically acquire the backdoor Trojan and perform attribution

PT0-002 Exam Question 20

A software company has hired a penetration tester to perform a penetration test on a database server. The tester has been given a variety of tools used by the company's privacy policy. Which of the following would be the BEST to use to find vulnerabilities on this server?

A.Nessus

B.OpenVAS

C.Nikto

D.SQLmap

Other Version: 1320CompTIA.PT0-002.v2024-10-18.q187; 906CompTIA.PT0-002.v2024-10-14.q167; 1253CompTIA.PT0-002.v2024-08-03.q205; 1349CompTIA.PT0-002.v2023-12-04.q144; 1354CompTIA.PT0-002.v2023-05-17.q120; 1672CompTIA.PT0-002.v2023-03-06.q121; 1049CompTIA.PT0-002.v2023-02-18.q78; 1709CompTIA.PT0-002.v2022-10-11.q87; 1717CompTIA.PT0-002.v2022-05-11.q49; 2167CompTIA.PT0-002.v2022-04-23.q64; 38CompTIA.Actualtestpdf.PT0-002.v2022-03-19.by.marcus.64q.pdf; 77CompTIA.Prep4king.PT0-002.v2021-08-07.by.beulah.35q.pdf

Latest Upload: 218IIA.IIA-CIA-Part3.v2026-06-17.q220; 146WGU.Introduction-to-IT.v2026-06-17.q67; 191CompTIA.220-1202.v2026-06-16.q110; 128TheInstitutes.CPCU-500.v2026-06-16.q25; 202ACAMS.CAMS7-CN.v2026-06-16.q170; 213CBIC.CIC.v2026-06-15.q123; 139Peoplecert.ITIL-4-Specialist-High-velocity-IT.v2026-06-15.q16; 241HashiCorp.Terraform-Associate-004.v2026-06-15.q126; 142Peoplecert.ITILFNDv5.v2026-06-15.q26; 142Workday.Workday-Pro-HCM-Reporting.v2026-06-15.q28

PT0-002 Exam Question 16

PT0-002 Exam Question 17

PT0-002 Exam Question 18

PT0-002 Exam Question 19

PT0-002 Exam Question 20

Download PDF File