[Jul 08, 2025] CompTIA PT0-002 Exam Dumps Files, Q1/196: Which of the following situations would require a penetration tester to notify the emergency contact

Join the discussion

Question 1/196

Which of the following situations would require a penetration tester to notify the emergency contact for the engagement?

A. The team exfiltrates PII or credit card data from the organization.

B. The team discovers another actor on a system on the network.

C. The team loses access to the network remotely.

D. The team exploits a critical server within the organization.

Add Comments

Other Question (196q): Q1. Which of the following situations would require a penetration tester to notify the emergen...; Q2. A penetration tester writes the following script: (Exhibit) Which of the following objecti...; Q3. A security analyst is conducting an unknown environment test from 192.168.3.3. The analyst...; Q4. After obtaining a reverse shell connection, a penetration tester runs the following comman...; Q5. A penetration tester has been hired to configure and conduct authenticated scans of all th...; Q6. During a vulnerability scan a penetration tester enters the following Nmap command against...; Q7. A penetration tester has prepared the following phishing email for an upcoming penetration...; Q8. A penetration tester is attempting to discover live hosts on a subnet quickly. Which of th...; Q9. A penetration tester was brute forcing an internal web server and ran a command that produ...; Q10. A penetration tester who is performing a physical assessment of a company's security pract...; Q11. Within a Python script, a line that states print (var) outputs the following: [{'1' : 'Cen...; Q12. Which of the following concepts defines the specific set of steps and approaches that are ...; Q13. A penetration tester is conducting an authorized, physical penetration test to attempt to ...; Q14. The results of an Nmap scan are as follows: Starting Nmap 7.80 ( https://nmap.org ) at 202...; Q15. A penetration tester is testing input validation on a search form that was discovered on a...; Q16. When planning a penetration-testing effort, clearly expressing the rules surrounding the o...; Q17. A security firm is discussing the results of a penetration test with the client. Based on ...; Q18. A penetration tester wrote the following script on a compromised system: #!/bin/bash netwo...; Q19. A penetration tester found several critical SQL injection vulnerabilities during an assess...; Q20. A vulnerability assessor is looking to establish a baseline of all IPv4 network traffic on...; Q21. What is the appropriate action regarding the sharing of penetration test reports after con...; Q22. A penetration tester discovered that a client uses cloud mail as the company's email syste...; Q23. An organization's Chief Information Security Officer debates the validity of a critical fi...; Q24. A penetration tester performs several Nmap scans against the web application for a client....; Q25. A penetration tester is reviewing the logs of a proxy server and discovers the following U...; Q26. An assessor wants to use Nmap to help map out a stateful firewall rule set. Which of the f...; Q27. Which of the following provides a matrix of common tactics and techniques used by attacker...; Q28. Which of the following OSSTM testing methodologies should be used to test under the worst ...; Q29. bash Copy code for ip in $(seq 1 254); do echo $(echo "192.168.15.$ip ") $(host 192.168.15...; Q30. A penetration tester was able to compromise a web server and move laterally into a Linux w...; Q31. A penetration tester gains access to a system and is able to migrate to a user process: (E...; Q32. A company hired a penetration-testing team to review the cyber-physical systems in a manuf...; Q33. A penetration tester is hired to test a client's systems. The client's systems are hosted ...; Q34. A penetration tester is performing reconnaissance for a web application assessment. Upon i...; Q35. During an engagement, a penetration tester was able to upload to a server a PHP file with ...; Q36. A penetration-testing team needs to test the security of electronic records in a company's...; Q37. Which of the following is the most common vulnerability associated with loT devices that a...; Q38. An assessment has been completed, and all reports and evidence have been turned over to th...; Q39. Which of the following would be the most efficient way to write a Python script that inter...; Q40. A company that developers embedded software for the automobile industry has hired a penetr...; Q41. An Nmap scan shows open ports on web servers and databases. A penetration tester decides t...; Q42. A security engineer is trying to bypass a network IPS that isolates the source when the sc...; Q43. You are a penetration tester running port scans on a server. INSTRUCTIONS Part 1: Given th...; Q44. A penetration tester attempted a DNS poisoning attack. After the attempt, no traffic was s...; Q45. A company's Chief Executive Officer has created a secondary home office and is concerned t...; Q46. A penetration tester is contracted to attack an oil rig network to look for vulnerabilitie...; Q47. A company uses a cloud provider with shared network bandwidth to host a web application on...; Q48. A penetration tester is preparing a credential stuffing attack against a company's website...; Q49. Which of the following provides an exploitation suite with payload modules that cover the ...; Q50. A penetration tester discovered a vulnerability that provides the ability to upload to a p...; Q51. A penetration tester is conducting an assessment against a group of publicly available web...; Q52. A penetration tester has been hired to examine a website for flaws. During one of the time...; Q53. A penetration tester wants to find hidden information in documents available on the web at...; Q54. A penetration tester was hired to perform a physical security assessment of an organizatio...; Q55. A penetration tester wants to find the password for any account in the domain without lock...; Q56. A penetration tester is working on a scoping document with a new client. The methodology t...; Q57. During a client engagement, a penetration tester runs the following Nmap command and obtai...; Q58. A penetration tester has obtained root access to a Linux-based file server and would like ...; Q59. A penetration tester has obtained shell access to a Windows host and wants to run a specia...; Q60. After compromising a remote host, a penetration tester is able to obtain a web shell. A fi...; Q61. A penetration tester is required to perform a vulnerability scan that reduces the likeliho...; Q62. The following line-numbered Python code snippet is being used in reconnaissance: (Exhibit)...; Q63. A penetration tester has found indicators that a privileged user's password might be the s...; Q64. Given the following output: User-agent:* Disallow: /author/ Disallow: /xmlrpc.php Disallow...; Q65. During a penetration test of a server application, a security consultant found that the ap...; Q66. A security professional wants to test an IoT device by sending an invalid packet to a prop...; Q67. Which of the following are the MOST important items to include in the final report for a p...; Q68. A penetration tester wants to perform a SQL injection test. Which of the following charact...; Q69. When preparing for an engagement with an enterprise organization, which of the following i...; Q70. During an assessment, a penetration tester found a suspicious script that could indicate a...; Q71. A penetration tester analyzed a web-application log file and discovered an input that was ...; Q72. A penetration tester approaches a company employee in the smoking area and starts a conver...; Q73. Which of the following assessment methods is MOST likely to cause harm to an ICS environme...; Q74. A penetration tester noticed that an employee was using a wireless headset with a smartpho...; Q75. During an assessment, a penetration tester obtains a list of password digests using Respon...; Q76. A penetration tester has gained access to part of an internal network and wants to exploit...; Q77. During an assessment, a penetration tester emailed the following Python script to CompTIA'...; Q78. The attacking machine is on the same LAN segment as the target host during an internal pen...; Q79. A penetration tester who is conducting a web-application test discovers a clickjacking vul...; Q80. A penetration tester initiated the transfer of a large data set to verify a proof-of-conce...; Q81. Running a vulnerability scanner on a hybrid network segment that includes general IT serve...; Q82. A penetration tester receives the following results from an Nmap scan: (Exhibit) Which of ...; Q83. In Python socket programming, SOCK_DGRAM type is:...; Q84. Which of the following is a rules engine for managing public cloud accounts and resources?...; Q85. A penetration tester downloaded a Java application file from a compromised web server and ...; Q86. A penetration tester completed an assessment, removed all artifacts and accounts created d...; Q87. An exploit developer is coding a script that submits a very large number of small requests...; Q88. A penetration tester successfully performed an exploit on a host and was able to hop from ...; Q89. A penetration tester, who is doing an assessment, discovers an administrator has been exfi...; Q90. A penetration tester has been contracted to review wireless security. The tester has deplo...; Q91. A security analyst needs to perform a scan for SMB port 445 over a/16 network. Which of th...; Q92. After gaining access to a Linux system with a non-privileged account, a penetration tester...; Q93. A security firm has been hired to perform an external penetration test against a company. ...; Q94. A penetration tester has gained access to the Chief Executive Officer's (CEO's) internal, ...; Q95. Which of the following describes how a penetration tester could prioritize findings in a r...; Q96. A security firm is discussing the results of a penetration test with a client. Based on th...; Q97. Which of the following situations would MOST likely warrant revalidation of a previous sec...; Q98. A mail service company has hired a penetration tester to conduct an enumeration of all use...; Q99. After gaining access to a previous system, a penetration tester runs an Nmap scan against ...; Q100. Penetration-testing activities have concluded, and the initial findings have been reviewed...; Q101. Which of the following should a penetration tester do NEXT after identifying that an appli...; Q102. During an assessment, a penetration tester discovers the following code sample in a web ap...; Q103. A penetration tester needs to perform a test on a finance system that is PCI DSS v3.2.1 co...; Q104. Which of the following would MOST likely be included in the final report of a static appli...; Q105. A Chief Information Security Officer wants a penetration tester to evaluate the security a...; Q106. After compromising a system, a penetration tester wants more information in order to decid...; Q107. A red team gained access to the internal network of a client during an engagement and used...; Q108. A company obtained permission for a vulnerability scan from its cloud service provider and...; Q109. A penetration tester issues the following command after obtaining a low-privilege reverse ...; Q110. Performing a penetration test against an environment with SCADA devices brings additional ...; Q111. A penetration tester is able to use a command injection vulnerability in a web application...; Q112. A penetration tester is performing an assessment for an organization and must gather valid...; Q113. A penetration tester was able to gather MD5 hashes from a server and crack the hashes easi...; Q114. A software company has hired a penetration tester to perform a penetration test on a datab...; Q115. While performing the scanning phase of a penetration test, the penetration tester runs the...; Q116. A penetration tester joins the assessment team in the middle of the assessment. The client...; Q117. A penetration tester requested, without express authorization, that a CVE number be assign...; Q118. During an assessment, a penetration tester needs to perform a cloud asset discovery of an ...; Q119. A penetration tester has gained access to a network device that has a previously unknown I...; Q120. A penetration tester runs an Nmap scan and obtains the following output: Starting Nmap 7.8...; Q121. A penetration tester wrote the following comment in the final report: "Eighty-five percent...; Q122. A penetration tester is reviewing the security of a web application running in an laaS com...; Q123. A penetration tester is performing an assessment for an organization and must gather valid...; Q124. A penetration tester is performing an assessment of an application that allows users to up...; Q125. A penetration tester opened a shell on a laptop at a client's office but is unable to pivo...; Q126. Which tool is specifically designed for detecting and exploiting SQL injection vulnerabili...; Q127. Given the following code: (Exhibit) Which of the following data structures is systems?...; Q128. A company hired a penetration tester to do a social-engineering test against its employees...; Q129. During a penetration test, a tester is in close proximity to a corporate mobile device bel...; Q130. Which of the following BEST explains why a penetration tester cannot scan a server that wa...; Q131. A final penetration test report has been submitted to the board for review and accepted. T...; Q132. During an assessment, a penetration tester obtains a list of 30 email addresses by crawlin...; Q133. During an assessment, a penetration tester found an application with the default credentia...; Q134. A penetration tester discovers during a recent test that an employee in the accounting dep...; Q135. A company requires that all hypervisors have the latest available patches installed. Which...; Q136. A penetration tester is looking for a vulnerability that enables attackers to open doors v...; Q137. During an engagement, a penetration tester found the following list of strings inside a fi...; Q138. A penetration tester observes an application enforcing strict access controls. Which of th...; Q139. After running the enum4linux.pl command, a penetration tester received the following outpu...; Q140. During a web application test, a penetration tester was able to navigate to https://compan...; Q141. Which document defines the scope, boundaries, and procedures of a penetration test, ensuri...; Q142. A penetration tester who is working remotely is conducting a penetration test using a wire...; Q143. During a test of a custom-built web application, a penetration tester identifies several v...; Q144. A penetration tester received a 16-bit network block that was scoped for an assessment. Du...; Q145. An Nmap network scan has found five open ports with identified services. Which of the foll...; Q146. A penetration tester runs the following command on a system: find / -user root -perm -4000...; Q147. A penetration tester runs the following command: l.comptia.local axfr comptia.local which ...; Q148. A penetration tester is reviewing the following SOW prior to engaging with a client: "Netw...; Q149. A penetration tester has obtained a low-privilege shell on a Windows server with a default...; Q150. A company is concerned that its cloud service provider is not adequately protecting the VM...; Q151. A company is concerned that its cloud VM is vulnerable to a cyberattack and proprietary da...; Q152. A penetration tester wrote the following script to be used in one engagement: (Exhibit) Wh...; Q153. Which of the following tools would be best to use to conceal data in various kinds of imag...; Q154. Which of the following is the MOST effective person to validate results from a penetration...; Q155. A penetration tester needs to upload the results of a port scan to a centralized security ...; Q156. During a penetration-testing engagement, a consultant performs reconnaissance of a client ...; Q157. When accessing the URL http://192.168.0-1/validate/user.php, a penetration tester obtained...; Q158. During a penetration test, the domain names, IP ranges, hosts, and applications are define...; Q159. A penetration tester who is doing a security assessment discovers that a critical vulnerab...; Q160. In the process of active service enumeration, a penetration tester identifies an SMTP daem...; Q161. A penetration tester received a .pcap file to look for credentials to use in an engagement...; Q162. Which of the following is the MOST important information to have on a penetration testing ...; Q163. Which of the following is the most secure way to protect a final report file when deliveri...; Q164. A penetration tester is taking screen captures of hashes obtained from a domain controller...; Q165. A penetration tester obtained the following results after scanning a web server using the ...; Q166. During a penetration tester found a web component with no authentication requirements. The...; Q167. A new client hired a penetration-testing company for a month-long contract for various sec...; Q168. A penetration tester has established an on-path attack position and must now specially cra...; Q169. A penetration tester is conducting a test after hours and notices a critical system was ta...; Q170. After performing a web penetration test, a security consultant is ranking the findings by ...; Q171. A penetration tester uses Hashcat to crack hashes discovered during a penetration test and...; Q172. During enumeration, a red team discovered that an external web server was frequented by em...; Q173. During a penetration test, a tester is able to change values in the URL from example.com/l...; Q174. A penetration tester is conducting an engagement against an internet-facing web applicatio...; Q175. A penetration tester ran the following command on a staging server: python -m SimpleHTTPSe...; Q176. A security consultant wants to perform a vulnerability assessment with an application that...; Q177. A penetration tester is testing a new version of a mobile application in a sandbox environ...; Q178. Which of the following tools would BEST allow a penetration tester to capture wireless han...; Q179. A compliance-based penetration test is primarily concerned with:...; Q180. A penetration tester is able to capture the NTLM challenge-response traffic between a clie...; Q181. Which of the following assessment methods is the most likely to cause harm to an ICS envir...; Q182. A penetration tester is testing a new API for the company's existing services and is prepa...; Q183. A penetration tester is attempting to perform reconnaissance on a customer's external-faci...; Q184. A penetration tester has extracted password hashes from the lsass.exe memory process. Whic...; Q185. For a penetration test engagement, a security engineer decides to impersonate the IT help ...; Q186. A penetration tester conducted an assessment on a web server. The logs from this session s...; Q187. A penetration tester ran a ping -A command during an unknown environment test, and it retu...; Q188. A company has recruited a penetration tester to conduct a vulnerability scan over the netw...; Q189. A red-team tester has been contracted to emulate the threat posed by a malicious insider o...; Q190. When developing a shell script intended for interpretation in Bash, the interpreter /bin/b...; Q191. A client would like to have a penetration test performed that leverages a continuously upd...; Q192. The results of an Nmap scan are as follows: (Exhibit) Which of the following would be the ...; Q193. A penetration tester is performing a vulnerability scan on a large ATM network. One of the...; Q194. A penetration tester needs to access a building that is guarded by locked gates, a securit...; Q195. A customer adds a requirement to the scope of a penetration test that states activities ca...; Q196. During an internal penetration test against a company, a penetration tester was able to na...

Join the discussion

Question 1/196

Add Comments

Download PDF File