CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. CompTIA
  5. PT0-002

Free PT0-002 Exam Braindumps (page: 29)

Page 29 of 93
PDF with 366 Questions

A company has recruited a penetration tester to conduct a vulnerability scan over the network. The test is confirmed to be on a known environment. Which of the following would be the BEST option to identify a system properly prior to performing the assessment?

  1. Asset inventory
  2. DNS records
  3. Web-application scan
  4. Full scan

Answer(s): A



A security firm has been hired to perform an external penetration test against a company. The only information the firm received was the company name. Which of the following passive reconnaissance approaches would be MOST likely to yield positive initial results?

  1. Specially craft and deploy phishing emails to key company leaders.
  2. Run a vulnerability scan against the company's external website.
  3. Runtime the company's vendor/supply chain.
  4. Scrape web presences and social-networking sites.

Answer(s): D



A security firm is discussing the results of a penetration test with the client. Based on the findings, the client wants to focus the remaining time on a critical network segment. Which of the following BEST describes the action taking place?

  1. Maximizing the likelihood of finding vulnerabilities
  2. Reprioritizing the goals/objectives
  3. Eliminating the potential for false positives
  4. Reducing the risk to the client environment

Answer(s): B



Which of the following tools would be BEST suited to perform a manual web application security assessment? (Choose two.)

  1. OWASP ZAP
  2. Nmap
  3. Nessus
  4. BeEF
  5. Hydra
  6. Burp Suite

Answer(s): A,F



Page 29 of 93



Post your Comments and Discuss CompTIA PT0-002 exam with other Community members:

Evan Couture commented on December 03, 2024
These questions are exactly what you will see on exam day, but they are good study. The exam may have questions covering similar objectives, but you will still need to study the material and perform hands on labs to be fully prepared. I used certmaster learn, infosec labs, pentest+ for dummies, pluralsight, wordwall user(markutree has some useful matching exercises), quizlet, and of course this resource. Hope this helps.
Anonymous
upvote

Nate commented on October 04, 2024
I worked really hard to pass this exam. It is a very hard exam. These questions are you best buddy. So use them.
UNITED STATES
upvote

Anon commented on August 01, 2024
Good content and useful practice questions. However I run some of the content against ChatGPT and the accuracy was around 90%. I know ChatGPT is not always correct but 90% match is pretty good to me.
UNITED STATES
upvote

Briyan commented on June 18, 2024
Good for passing the exam with a high mark but not ideal for deep learning. This helped me pass the exam and I got the high mark but I learned very little as they are all questions from the real exam.
UNITED STATES
upvote

anon commented on June 05, 2024
Question 20 regarding SSHD nmap scan doesnt add up. why would you do -sA ack scan?? why not a script or something?
UNITED STATES
upvote

SAJI commented on July 20, 2023
56 question correct answer a,b
Anonymous
upvote

Summer commented on October 04, 2023
looking forward to the real exam
Anonymous
upvote

Summer commented on October 04, 2023
looking forward to the real exam
Anonymous
upvote

Wale commented on August 19, 2023
I am new here , just started going through the questions
EUROPEAN UNION
upvote

Doddy commented on July 31, 2023
I have passed PT0-002, thanks!
Anonymous
upvote

SAJI commented on July 20, 2023
56 question correct answer A,B
Anonymous
upvote

Danny commented on August 12, 2021
Well worth... cheap and very helpful.
UNITED STATES
upvote

Frank commented on July 22, 2021
Focus on these questions and your are going to pass. That is what I did. Good luck guys.
SOUTH AFRICA
upvote