CompTIA PT0-002 Online Practice
Questions and Exam Preparation
PT0-002 Exam Details
Exam Code
:PT0-002
Exam Name
:CompTIA PenTest+
Certification
:CompTIA Certifications
Vendor
:CompTIA
Total Questions
:455 Q&As
Last Updated
:Jul 12, 2026
CompTIA PT0-002 Online Questions &
Answers
Question 1:
During a vulnerability scanning phase, a penetration tester wants to execute an Nmap scan using custom NSE scripts stored in the following folder:
/home/user/scripts
Which of the following commands should the penetration tester use to perform this scan?
A. nmap resume "not intrusive" B. nmap script default safe C. nmap script /home/user/scripts D. nmap -load /home/user/scripts
C. nmap script /home/user/scripts
Explanation
The Nmap command in the question aims to use custom NSE scripts stored in a specific folder. The correct syntax for this option is to use the script argument followed by the path to the folder. The other commands are either invalid, use the wrong argument, or do not specify the folder path.
References: Best PenTest+ certification study resources and training materials, CompTIA PenTest+ PT0-002 Cert Guide, 101 Labs -- CompTIA PenTest+: Hands-on Labs for the PT0-002 Exam
Question 2:
A penetration tester was contracted to test a proprietary application for buffer overflow vulnerabilities.
Which of the following tools would be BEST suited for this task?
A. GDB B. Burp Suite C. SearchSpliot D. Netcat
A. GDB
Explanation
GDB is a debugging tool that can be used to analyze and manipulate the memory of a running process, which is useful for finding and exploiting buffer overflow vulnerabilities. Burp Suite is a web application testing tool that does not directly test for buffer overflows. SearchSpliot is a database of known exploits that does not test for new vulnerabilities. Netcat is a network utility that can be used to send and receive data, but not to test for buffer overflows.
Question 3:
A client wants a security assessment company to perform a penetration test against its hot site. The purpose of the test is to determine the effectiveness of the defenses that protect against disruptions to business continuity. Which of the following is the MOST important action to take before starting this type of assessment?
A. Ensure the client has signed the SOW. B. Verify the client has granted network access to the hot site. C. Determine if the failover environment relies on resources not owned by the client. D. Establish communication and escalation procedures with the client.
A. Ensure the client has signed the SOW.
Explanation
The statement of work (SOW) is a document that defines the scope, objectives, deliverables, and timeline of a penetration testing engagement. It is important to have the client sign the SOW before starting the assessment to avoid any legal or contractual issues.
Question 4:
A penetration tester wants to perform reconnaissance without being detected. Which of the following activities have a MINIMAL chance of detection? (Choose two.)
A. Open-source research B. A ping sweep C. Traffic sniffing D. Port knocking E. A vulnerability scan F. An Nmap scan
A. Open-source research C. Traffic sniffing
Explanation
Open-source research and traffic sniffing are two activities that have a minimal chance of detection, as they do not involve sending any packets or requests to the target network or system. Open-source research is the process of gathering information from publicly available sources, such as websites, social media, blogs, forums, etc. Traffic sniffing is the process of capturing and analyzing network packets that are transmitted over a shared medium, such as wireless or Ethernet.
A penetration tester ran an Nmap scan on an Internet-facing network device with the -F option and found a few open ports. To further enumerate, the tester ran another scan using the following command:
nmap -O -A -sS -p- 100.100.100.50
Nmap returned that all 65,535 ports were filtered. Which of the following MOST likely occurred on the second scan?
A. A firewall or IPS blocked the scan. B. The penetration tester used unsupported flags. C. The edge network device was disconnected. D. The scan returned ICMP echo replies.
A. A firewall or IPS blocked the scan.
Explanation
https://phoenixnap.com/kb/nmap-scan-open-ports
Question 7:
A penetration tester conducts an Nmap scan against a target and receives the following results:
Which of the following should the tester use to redirect the scanning tools using TCP port 1080 on the target?
Which of the following is the most important aspect to consider when calculating the price of a penetration test service for a client?
A. Operating cost B. Required scope of work C. Non-disclosure agreement D. Client's budget
B. Required scope of work
Explanation
When calculating the price of a penetration test service for a client, the most important aspect to consider is the required scope of work. The scope of work defines the objectives of the penetration test and the systems that will be tested. It is
important to understand the scope of work to determine the resources required to complete the test and the time it will take to complete the test.
D. (2021). The Official CompTIA PenTest+ Study Guide (Exam PT0002). John Wiley and Sons.
Question 9:
When developing a shell script intended for interpretation in Bash, the interpreter /bin/bash should be explicitly specified. Which of the following character combinations should be used on the first line of the script to accomplish this goal?
C. ## D. #$ E. #!
E. #!
Explanation
https://linuxconfig.org/bash-scripting-tutorial-for-beginners #!/bin/bash ---# and ! makes this line special because # is used as comment line in bash. ! is called
Question 10:
A Chief Information Security Officer wants to evaluate the security of the company's e- commerce application.
Which of the following tools should a penetration tester use FIRST to obtain relevant information from the application without triggering alarms?
A. SQLmap B. DirBuster C. w3af D. OWASP ZAP
C. w3af
Explanation
W3AF, the Web Application Attack and Audit Framework, is an open source web application security scanner that includes directory and filename bruteforcing in its list of capabilities.
Nowadays, the certification exams become more and more important and required by more and more
enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare
for the exam in a short time with less efforts? How to get a ideal result and how to find the
most reliable resources? Here on Vcedump.com, you will find all the answers.
Vcedump.com provide not only CompTIA exam questions,
answers and explanations but also complete assistance on your exam preparation and certification
application. If you are confused on your PT0-002 exam preparations
and CompTIA certification application, do not hesitate to visit our
Vcedump.com to find your solutions here.