CompTIA PT0-002 CompTIA PenTest+ Certification Exam Practice Test

A penetration tester wants to crack MD5 hashes more quickly. The tester knows that the first part of the password is Winter followed by four digits and a special character at the end. Which of the following commands should the tester use?

During the execution of a cloud penetration test, a tester was able to gain an initial footprint on the customer cloud infrastructure. Now the tester wants to scan the cloud resources, possible misconfigurations, and other relevant data that could be exploited. Which of the following tools should the tester most likely use?

A security engineer is working to identify all email servers on a network. Which of the following commands should the engineer use to identify the servers as well as the software version the servers are running?

A penetration tester gained access to one of the target company's servers. During the enumeration phase, the penetration tester lists the bash history and observes the following row:

Which of the following steps should the penetration tester take next?

During an assessment, a penetration tester was able Jo get access on all target servers by attempting authentication using a service account key that was published on the intranet site as part of a standard procedure. Which of the following should the penetration tester recommend for this type of finding?

Which of the following best explains why a penetration tester would use ProxyChains during an assessment?

A penetration tester discovered a vulnerability that has the following CVEs:

Which of the following CVEs should be remediated first?