PT0-002 Exam Details

  • Exam Code
    :PT0-002
  • Exam Name
    :CompTIA PenTest+
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :455 Q&As
  • Last Updated
    :Jul 12, 2026

CompTIA PT0-002 Online Questions & Answers

  • Question 1:

    During a vulnerability scanning phase, a penetration tester wants to execute an Nmap scan using custom NSE scripts stored in the following folder:

    /home/user/scripts

    Which of the following commands should the penetration tester use to perform this scan?

    A. nmap resume "not intrusive"
    B. nmap script default safe
    C. nmap script /home/user/scripts
    D. nmap -load /home/user/scripts

  • Question 2:

    A penetration tester was contracted to test a proprietary application for buffer overflow vulnerabilities.

    Which of the following tools would be BEST suited for this task?

    A. GDB
    B. Burp Suite
    C. SearchSpliot
    D. Netcat

  • Question 3:

    A client wants a security assessment company to perform a penetration test against its hot site. The purpose of the test is to determine the effectiveness of the defenses that protect against disruptions to business continuity. Which of the following is the MOST important action to take before starting this type of assessment?

    A. Ensure the client has signed the SOW.
    B. Verify the client has granted network access to the hot site.
    C. Determine if the failover environment relies on resources not owned by the client.
    D. Establish communication and escalation procedures with the client.

  • Question 4:

    A penetration tester wants to perform reconnaissance without being detected. Which of the following activities have a MINIMAL chance of detection? (Choose two.)

    A. Open-source research
    B. A ping sweep
    C. Traffic sniffing
    D. Port knocking
    E. A vulnerability scan
    F. An Nmap scan

  • Question 5:

    A penetration tester performs the following command:

    curl -l -http2 https://www.comptia.org

    Which of the following snippets of output will the tester MOST likely receive?

    A. Option A
    B. Option B
    C. Option C
    D. Option D

  • Question 6:

    A penetration tester ran an Nmap scan on an Internet-facing network device with the -F option and found a few open ports. To further enumerate, the tester ran another scan using the following command:

    nmap -O -A -sS -p- 100.100.100.50

    Nmap returned that all 65,535 ports were filtered. Which of the following MOST likely occurred on the second scan?

    A. A firewall or IPS blocked the scan.
    B. The penetration tester used unsupported flags.
    C. The edge network device was disconnected.
    D. The scan returned ICMP echo replies.

  • Question 7:

    A penetration tester conducts an Nmap scan against a target and receives the following results:

    Which of the following should the tester use to redirect the scanning tools using TCP port 1080 on the target?

    A. Nessus
    B. ProxyChains
    C. OWASPZAP
    D. Empire

  • Question 8:

    Which of the following is the most important aspect to consider when calculating the price of a penetration test service for a client?

    A. Operating cost
    B. Required scope of work
    C. Non-disclosure agreement
    D. Client's budget

  • Question 9:

    When developing a shell script intended for interpretation in Bash, the interpreter /bin/bash should be explicitly specified. Which of the following character combinations should be used on the first line of the script to accomplish this goal?

    C. ##
    D. #$
    E. #!

  • Question 10:

    A Chief Information Security Officer wants to evaluate the security of the company's e- commerce application.

    Which of the following tools should a penetration tester use FIRST to obtain relevant information from the application without triggering alarms?

    A. SQLmap
    B. DirBuster
    C. w3af
    D. OWASP ZAP

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your PT0-002 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.