Pentest+ (PT0-002) 2025/2026 Exam
Questions and Verified Answers |
Already Graded A+
White-list {Access Control} - 🧠ANSWER ✔✔allows specifically identified
users {based on identification mechanisms including but not limited to
username, IP address, and network range} with the required authorization
access to access a given system or network.
Risk Acceptance - 🧠ANSWER ✔✔a term that indicates an understanding
and willingness to bear the likelihood and impact of a specific threat to an
organization's systems or networks
reverse DNS lookup - 🧠ANSWER ✔✔queries the PTR record for a named
IP address and then returns the associated domain name
Stumbling - 🧠ANSWER ✔✔a surveillance technique used to discover
SSIDs, router information, signal strength, MAC addresses, and other
information pertinent to an 802.11 wireless network
AAA - 🧠ANSWER ✔✔Authentication, Authorization and Accounting;
1
COPYRIGHT©JOSHCLAY 2025/2026. YEAR PUBLISHED 2025. COMPANY REGISTRATION NUMBER: 619652435. TERMS OF USE. PRIVACY
STATEMENT. ALL RIGHTS RESERVED
,a framework for intelligently controlling access to computer resources,
enforcing policies, auditing usage, and providing the information necessary
to bill for services
ACL - 🧠ANSWER ✔✔Access Control List
AES - 🧠ANSWER ✔✔advanced encryption standard, a symmetric 128-bit
block data encryption technique
AP - 🧠ANSWER ✔✔Access Point
API - 🧠ANSWER ✔✔Application Programming Interface is offered by a
server for communication with a client app. A client computer program can
send instructions to the server and get data from the server by sending
requests to various URL endpoints that form the API.
APT - 🧠ANSWER ✔✔Advanced Persistent Threat
ARP - 🧠ANSWER ✔✔Address Resolution Protocol. An Internet protocol
used to map an IP address to a MAC address. Defined in RFC 826.
AS2 - 🧠ANSWER ✔✔Applicability Statement 2;
2
COPYRIGHT©JOSHCLAY 2025/2026. YEAR PUBLISHED 2025. COMPANY REGISTRATION NUMBER: 619652435. TERMS OF USE. PRIVACY
STATEMENT. ALL RIGHTS RESERVED
,is a specification about how to transport structured business-to-business
data securely and reliably over the Internet. Security is achieved by using
digital certificates and encryption.
BeEF - 🧠ANSWER ✔✔Browser Exploitation Framework;
a penetration testing tool that focuses on the web browser
BLE - 🧠ANSWER ✔✔Bluetooth Low Energy
BSSID - 🧠ANSWER ✔✔Basic Service Set Identifiers
CA {Certificate Authority} - 🧠ANSWER ✔✔An organization that manages,
issues, and signs certificates and is part of a PKI. Certificates are an
important part of asymmetric encryption. Certificates include public keys
along with details on the owner of the certificate and on the CA that issued
the certificate.
CAPEC {Common Attack Pattern Enumeration and Classification} -
🧠ANSWER ✔✔is a comprehensive dictionary and classification taxonomy
of known attacks that can be used by analysts, developers, testers, and
educators to advance community understanding and enhance defenses"
3
COPYRIGHT©JOSHCLAY 2025/2026. YEAR PUBLISHED 2025. COMPANY REGISTRATION NUMBER: 619652435. TERMS OF USE. PRIVACY
STATEMENT. ALL RIGHTS RESERVED
, CLI - 🧠ANSWER ✔✔Command-line interface. An interface that enables the
user to interact with the operating system by entering commands and
optional arguments.
CSRF {Cross-Site Request Forgery} - 🧠ANSWER ✔✔an attack that forces
an end user to execute unwanted actions on a web application in which
they're currently authenticated; aka one-click attack or session riding
CSV - 🧠ANSWER ✔✔Comma-Separated Values
CVE - 🧠ANSWER ✔✔Common Vulnerabilities and Exposures (CVE). A
dictionary of publicly known security vulnerabilities and exposures.
CVSS {Common Vulnerability Scoring Systems} - 🧠ANSWER ✔✔attempts
to assign severity scores to vulnerabilities;
In CVSS 3.1, the base metric is comprised of 8 factors: access vector {AV},
access complexity {AC}, privileges required {PR}, user interaction {UI},
scope {S}, confidentiality {C}, integrity {I}, and availability {A}
C W E - 🧠ANSWER ✔✔Common Weakness Enumeration;
4
COPYRIGHT©JOSHCLAY 2025/2026. YEAR PUBLISHED 2025. COMPANY REGISTRATION NUMBER: 619652435. TERMS OF USE. PRIVACY
STATEMENT. ALL RIGHTS RESERVED
Questions and Verified Answers |
Already Graded A+
White-list {Access Control} - 🧠ANSWER ✔✔allows specifically identified
users {based on identification mechanisms including but not limited to
username, IP address, and network range} with the required authorization
access to access a given system or network.
Risk Acceptance - 🧠ANSWER ✔✔a term that indicates an understanding
and willingness to bear the likelihood and impact of a specific threat to an
organization's systems or networks
reverse DNS lookup - 🧠ANSWER ✔✔queries the PTR record for a named
IP address and then returns the associated domain name
Stumbling - 🧠ANSWER ✔✔a surveillance technique used to discover
SSIDs, router information, signal strength, MAC addresses, and other
information pertinent to an 802.11 wireless network
AAA - 🧠ANSWER ✔✔Authentication, Authorization and Accounting;
1
COPYRIGHT©JOSHCLAY 2025/2026. YEAR PUBLISHED 2025. COMPANY REGISTRATION NUMBER: 619652435. TERMS OF USE. PRIVACY
STATEMENT. ALL RIGHTS RESERVED
,a framework for intelligently controlling access to computer resources,
enforcing policies, auditing usage, and providing the information necessary
to bill for services
ACL - 🧠ANSWER ✔✔Access Control List
AES - 🧠ANSWER ✔✔advanced encryption standard, a symmetric 128-bit
block data encryption technique
AP - 🧠ANSWER ✔✔Access Point
API - 🧠ANSWER ✔✔Application Programming Interface is offered by a
server for communication with a client app. A client computer program can
send instructions to the server and get data from the server by sending
requests to various URL endpoints that form the API.
APT - 🧠ANSWER ✔✔Advanced Persistent Threat
ARP - 🧠ANSWER ✔✔Address Resolution Protocol. An Internet protocol
used to map an IP address to a MAC address. Defined in RFC 826.
AS2 - 🧠ANSWER ✔✔Applicability Statement 2;
2
COPYRIGHT©JOSHCLAY 2025/2026. YEAR PUBLISHED 2025. COMPANY REGISTRATION NUMBER: 619652435. TERMS OF USE. PRIVACY
STATEMENT. ALL RIGHTS RESERVED
,is a specification about how to transport structured business-to-business
data securely and reliably over the Internet. Security is achieved by using
digital certificates and encryption.
BeEF - 🧠ANSWER ✔✔Browser Exploitation Framework;
a penetration testing tool that focuses on the web browser
BLE - 🧠ANSWER ✔✔Bluetooth Low Energy
BSSID - 🧠ANSWER ✔✔Basic Service Set Identifiers
CA {Certificate Authority} - 🧠ANSWER ✔✔An organization that manages,
issues, and signs certificates and is part of a PKI. Certificates are an
important part of asymmetric encryption. Certificates include public keys
along with details on the owner of the certificate and on the CA that issued
the certificate.
CAPEC {Common Attack Pattern Enumeration and Classification} -
🧠ANSWER ✔✔is a comprehensive dictionary and classification taxonomy
of known attacks that can be used by analysts, developers, testers, and
educators to advance community understanding and enhance defenses"
3
COPYRIGHT©JOSHCLAY 2025/2026. YEAR PUBLISHED 2025. COMPANY REGISTRATION NUMBER: 619652435. TERMS OF USE. PRIVACY
STATEMENT. ALL RIGHTS RESERVED
, CLI - 🧠ANSWER ✔✔Command-line interface. An interface that enables the
user to interact with the operating system by entering commands and
optional arguments.
CSRF {Cross-Site Request Forgery} - 🧠ANSWER ✔✔an attack that forces
an end user to execute unwanted actions on a web application in which
they're currently authenticated; aka one-click attack or session riding
CSV - 🧠ANSWER ✔✔Comma-Separated Values
CVE - 🧠ANSWER ✔✔Common Vulnerabilities and Exposures (CVE). A
dictionary of publicly known security vulnerabilities and exposures.
CVSS {Common Vulnerability Scoring Systems} - 🧠ANSWER ✔✔attempts
to assign severity scores to vulnerabilities;
In CVSS 3.1, the base metric is comprised of 8 factors: access vector {AV},
access complexity {AC}, privileges required {PR}, user interaction {UI},
scope {S}, confidentiality {C}, integrity {I}, and availability {A}
C W E - 🧠ANSWER ✔✔Common Weakness Enumeration;
4
COPYRIGHT©JOSHCLAY 2025/2026. YEAR PUBLISHED 2025. COMPANY REGISTRATION NUMBER: 619652435. TERMS OF USE. PRIVACY
STATEMENT. ALL RIGHTS RESERVED
