Comptia dumpspedia last Attempt Pt0-002 Questions by Lawson q25 vce pdf

Page: 7 / 34

Exam Name:	CompTIA PenTest+ Certification Exam
Exam Code:	PT0-002 Dumps
Vendor:	CompTIA	Certification:	PenTest+
Questions:	464 Q&A's	Shared By:	lawson

Question 28

A Chief Information Security Officer wants a penetration tester to evaluate whether a recently installed firewall is protecting a subnetwork on which many decades- old legacy systems are connected. The penetration tester decides to run an OS discovery and a full port scan to identify all the systems and any potential vulnerability. Which of the following should the penetration tester consider BEFORE running a scan?

Options:

The timing of the scan

The bandwidth limitations

The inventory of assets and versions

The type of scan

Discussion

Question 29

A company provided the following network scope for a penetration test:

169.137.1.0/24

221.10.1.0/24

149.14.1.0/24

A penetration tester discovered a remote command injection on IP address 149.14.1.24 and exploited the system. Later, the tester learned that this particular IP address belongs to a third party. Which of the following stakeholders is responsible for this mistake?

Options:

The company that requested the penetration test

The penetration testing company

The target host's owner

The penetration tester

The subcontractor supporting the test

Discussion

Question 30

A penetration tester is evaluating a company's network perimeter. The tester has received limited information about defensive controls or countermeasures, and limited internal knowledge of the testing exists. Which of the following should be the FIRST step to plan the reconnaissance activities?

Options:

Launch an external scan of netblocks.

Check WHOIS and netblock records for the company.

Use DNS lookups and dig to determine the external hosts.

Conduct a ping sweep of the company's netblocks.

Discussion

Stefan

Thank you so much Cramkey I passed my exam today due to your highly up to date dumps.

Ocean Nov 9, 2025

Agree….Cramkey Dumps are constantly updated based on changes in the exams. They also have a team of experts who regularly review the materials to ensure their accuracy and relevance. This way, you can be sure you're studying the most up-to-date information available.

Nylah

I've been looking for good study material for my upcoming certification exam. Need help.

Dolly Nov 17, 2025

Then you should definitely give Cramkey Dumps a try. They have a huge database of questions and answers, making it easy to study and prepare for the exam. And the best part is, you can be sure the information is accurate and relevant.

Robin

Cramkey is highly recommended.

Jonah Nov 26, 2025

Definitely. If you're looking for a reliable and effective study resource, look no further than Cramkey Dumps. They're simply wonderful!

Hassan

Highly Recommended Dumps… today I passed my exam! Same questions appear. I bought Full Access.

Kasper Nov 25, 2025

Hey wonderful….so same questions , sounds good. Planning to write this week, I will go for full access today.

Question 31

ion tester is attempting to get more people from a target company to download and run an executable. Which of the following would be the.. :tive way for the tester to achieve this objective?

Options:

Dropping USB flash drives around the company campus with the file on it

Attaching the file in a phishing SMS that warns users to execute the file or they will be locked out of their accounts

Sending a pretext email from the IT department before sending the download instructions later

Saving the file in a common folder with a name that encourages people to click it