Online Access Free CompTIA.PT0-002.v2023-02-18.q78 Practice Test (Page 14)

PT0-002 Exam Question 61

Which of the following BEST describes why a client would hold a lessons-learned meeting with the penetration-testing team?

A.To ensure the penetration-testing team destroys all company data that was gathered during the test

B.To discuss the findings and dispute any false positives

C.To determine any processes that failed to meet expectations during the assessment

D.To provide feedback on the report structure and recommend improvements

PT0-002 Exam Question 62

A penetration tester has gained access to a network device that has a previously unknown IP range on an interface. Further research determines this is an always-on VPN tunnel to a third-party supplier.
Which of the following is the BEST action for the penetration tester to take?

A.Disregard the IP range, as it is out of scope.

B.Scan the IP range for additional systems to exploit.

C.Utilize the tunnel as a means of pivoting to other internal devices.

D.Stop the assessment and inform the emergency contact.

PT0-002 Exam Question 63

A penetration tester who is conducting a vulnerability assessment discovers that ICMP is disabled on a network segment. Which of the following could be used for a denial-of-service attack on the network segment?

A.Smurf

B.Ping flood

C.Fraggle

D.Ping of death

PT0-002 Exam Question 64

A tester who is performing a penetration test on a website receives the following output:
Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in /var/www/search.php on line 62
Which of the following commands can be used to further attack the website?

A.<script>var adr= '../evil.php?test=' + escape(document.cookie);</script>

B./var/www/html/index.php;whoami

C.1 UNION SELECT 1, DATABASE(),3--

D.../../../../../../../../../../etc/passwd

PT0-002 Exam Question 65

A penetration tester is conducting a penetration test. The tester obtains a root-level shell on a Linux server and discovers the following data in a file named password.txt in the /home/svsacct directory:
U3VQZXIkM2NyZXQhCg==
Which of the following commands should the tester use NEXT to decode the contents of the file?

A.echo U3VQZXIkM2NyZXQhCg== | base64 "d

B.tar zxvf password.txt

C.hydra "l svsacct "p U3VQZXIkM2NyZXQhCg== ssh://192.168.1.0/24

D.john --wordlist /usr/share/seclists/rockyou.txt password.txt

Other Version: 1320CompTIA.PT0-002.v2024-10-18.q187; 906CompTIA.PT0-002.v2024-10-14.q167; 1254CompTIA.PT0-002.v2024-08-03.q205; 1350CompTIA.PT0-002.v2023-12-04.q144; 1354CompTIA.PT0-002.v2023-05-17.q120; 1673CompTIA.PT0-002.v2023-03-06.q121; 1712CompTIA.PT0-002.v2022-10-11.q87; 1717CompTIA.PT0-002.v2022-05-11.q49; 2169CompTIA.PT0-002.v2022-04-23.q64; 38CompTIA.Actualtestpdf.PT0-002.v2022-03-19.by.marcus.64q.pdf; 2066CompTIA.PT0-002.v2021-11-22.q40; 77CompTIA.Prep4king.PT0-002.v2021-08-07.by.beulah.35q.pdf

Latest Upload: 105ISTQB.CT-AI.v2026-06-18.q68; 222IIA.IIA-CIA-Part3.v2026-06-17.q220; 147WGU.Introduction-to-IT.v2026-06-17.q67; 194CompTIA.220-1202.v2026-06-16.q110; 128TheInstitutes.CPCU-500.v2026-06-16.q25; 206ACAMS.CAMS7-CN.v2026-06-16.q170; 223CBIC.CIC.v2026-06-15.q123; 142Peoplecert.ITIL-4-Specialist-High-velocity-IT.v2026-06-15.q16; 244HashiCorp.Terraform-Associate-004.v2026-06-15.q126; 151Peoplecert.ITILFNDv5.v2026-06-15.q26

PT0-002 Exam Question 61

PT0-002 Exam Question 62

PT0-002 Exam Question 63

PT0-002 Exam Question 64

PT0-002 Exam Question 65

Download PDF File