PT0-002: CompTIA PenTest+ Certification

After successfully compromising a remote host, a security consultant notices an endpoint protection software is running on the host. Which of the following commands would be best for the consultant to use to terminate the protection software and its child processes?

A penetration tester is conducting an assessment against a group of publicly available web servers and notices a number of TCP resets returning from one of the web servers. Which of the following is MOST likely causing the TCP resets to occur during the assessment?

When accessing the URL http://192.168.0-1/validate/user.php, a penetration tester obtained the following output:

..d index: eid in /apache/www/validate/user.php line 12

..d index: uid in /apache/www/validate/user.php line 13

..d index: pw in /apache/www/validate/user.php line 14

..d index: acl in /apache/www/validate/user.php line 15

A Chief Information Security Officer wants a penetration tester to evaluate the security awareness level of the company's employees.

Which of the following tools can help the tester achieve this goal?

An organization is using Android mobile devices but does not use MDM services. Which of the following describes an existing risk present in this scenario?

A penetration tester is conducting an unknown environment test and gathering additional information that can be used for later stages of an assessment. Which of the following would most likely produce useful information for additional testing?

Which of the following components should a penetration tester most likely include in a report at the end of an assessment?

A penetration tester was hired to test Wi-Fi equipment. Which of the following tools should be used to gather information about the wireless network?

A consulting company is completing the ROE during scoping.

Which of the following should be included in the ROE?