Comptia passleader pdf Pt0-002 Study Guide by Maddox q127 vce pdf

Page: 19 / 34

Exam Name:	CompTIA PenTest+ Certification Exam
Exam Code:	PT0-002 Dumps
Vendor:	CompTIA	Certification:	PenTest+
Questions:	464 Q&A's	Shared By:	maddox

Question 76

A penetration tester has gained access to part of an internal network and wants to exploit on a different network segment. Using Scapy, the tester runs the following command:

Questions 76

Which of the following represents what the penetration tester is attempting to accomplish?

Options:

DNS cache poisoning

MAC spoofing

ARP poisoning

Double-tagging attack

Discussion

Question 77

A penetration tester ran the following commands on a Windows server:

Questions 77

Which of the following should the tester do AFTER delivering the final report?

Options:

Delete the scheduled batch job.

Close the reverse shell connection.

Downgrade the svsaccount permissions.

Remove the tester-created credentials.

Discussion

Question 78

A security company has been contracted to perform a scoped insider-threat assessment to try to gain access to the human resources server that houses PII and salary data. The penetration testers have been given an internal network starting position.

Which of the following actions, if performed, would be ethical within the scope of the assessment?

Options:

Exploiting a configuration weakness in the SQL database

Intercepting outbound TLS traffic

Gaining access to hosts by injecting malware into the enterprise-wide update server

Leveraging a vulnerability on the internal CA to issue fraudulent client certificates

Establishing and maintaining persistence on the domain controller

Discussion

Question 79

A penetration tester recently completed a review of the security of a core network device within a corporate environment. The key findings are as follows:

• The following request was intercepted going to the network device:

GET /login HTTP/1.1

Host: 10.50.100.16

User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0

Accept-Language: en-US,en;q=0.5

Connection: keep-alive

Authorization: Basic WU9VUilOQU1FOnNlY3JldHBhc3N3b3jk

• Network management interfaces are available on the production network.

• An Nmap scan returned the following:

Questions 79

Which of the following would be BEST to add to the recommendations section of the final report? (Choose two.)

Options:

Enforce enhanced password complexity requirements.

Disable or upgrade SSH daemon.

Disable HTTP/301 redirect configuration.

Create an out-of-band network for management.

Implement a better method for authentication.

Eliminate network management and control interfaces.

Discussion

Anaya

I found so many of the same questions on the real exam that I had already seen in the Cramkey Dumps. Thank you so much for making exam so easy for me. I passed it successfully!!!

Nina Nov 14, 2025

It's true! I felt so much more confident going into the exam because I had already seen and understood the questions.

Sarah

Yeah, I was so relieved when I saw that the question appeared in the exam were similar to their exam dumps. It made the exam a lot easier and I felt confident going into it.

Aaliyah Nov 27, 2025

Same here. I've heard mixed reviews about using exam dumps, but for us, it definitely paid off.

Wyatt

Passed my exam… Thank you so much for your excellent Exam Dumps.

Arjun Nov 23, 2025

That sounds really useful. I'll definitely check it out.

Amy

I passed my exam and found your dumps 100% relevant to the actual exam.

Lacey Nov 9, 2025

Yeah, definitely. I experienced the same.

Melody

My experience with Cramkey was great! I was surprised to see that many of the questions in my exam appeared in the Cramkey dumps.