CompTIA PenTest+ Guide to Penetration Testing by Rob S. Wilson/2.1.3 - Penetration Testing Process and Types (Practice Questions)/ Module 02: Setting Up a Penetration Testing Lab/ CertMaster Pentest+ Practice Updated 2025/2026

CompTIA PenTest+ Guide to Penetration Testing by Rob
S. Wilson/2.1.3 - Penetration Testing Process and Types
(Practice Questions)/ Module 02: Setting Up a
Penetration Testing Lab/ CertMaster Pentest+ Practice
Updated 2025/2026

Ethical Hacking - Correct Answers Penetration testing is the practice of finding vulnerabilities
Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il`




and risks with the purpose of securing a computer or network. Penetration testing falls under
Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il`




which all-encompassing term?
Il` Il` Il`




Il` Scanning and enumeration - Correct Answers Heather is performing a penetration test. She has
Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il`




Il` gathered a lot of valuable information about her target already. Heather has used some hacking
Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il`




Il` tools to determine that, on her target network, a computer named Production Workstation has
Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il`




Il` port 445 open. Which step in the ethical hacking methodology is Heather performing?
Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il`




Il` Gain access - Correct Answers Which of the following is the third step in the ethical hacking
Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il`




Il` methodology?



Il` OWASP - Correct Answers Miguel is performing a penetration test on his client's web-based
Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il`




Il` application. Which penetration test frameworks should Miguel utilize? Il` Il` Il` Il` Il` Il` Il`




Il` Reporting - Correct Answers The penetration testing life cycle is a common methodology used
Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il`




Il` when performing a penetration test. This methodology is almost identical to the ethical hacking
Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il`




Il` methodology. Which of the following is the key difference between these methodologies? Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il`




Il` Black box - Correct Answers You are executing an attack in order to simulate an outside attack.
Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il`




Il` Which type of penetration test are you performing?
Il` Il` Il` Il` Il` Il` Il`

,Il` The ethical hacker has partial information about the target or network. - Correct Answers Which
Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il`




Il` of the following best describes a gray box penetration test?
Il` Il` Il` Il` Il` Il` Il` Il` Il`




Il` Performs offensive security tasks to test the network's security. - Correct Answers Randy was
Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il`




Il` just hired as a penetration tester for the red team. Which of the following best describes the red
Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il`




Il` team?

Module 02: Setting Up a Penetration Testing Lab Il` Il` Il` Il` Il` Il` Il`




A virtualization platform - Correct Answers What is VirtualBox?
Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il`




A. A vulnerability testing tool
Il` Il` Il` Il`




B. A virtualization platform
Il` Il` Il`




C. A set of cloud-based hacking tools
Il` Il` Il` Il` Il` Il`




D. An online file storage solution
Il` Il` Il` Il` Il`




Il` True - Correct Answers Kali Linux is widely used by pen testers because it's free and comes with
Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il`




Il` many pen-testing tools already installed. Il` Il` Il` Il`




A. True Il`




B. False Il`




Il` An Open Virtual Appliance - Correct Answers What is an OVA?
Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il`




A. An Open Virus Attack
Il` Il` Il` Il`




B. An Online Virtual Application
Il` Il` Il` Il`




C. An Oracle Virtual Appliance
Il` Il` Il` Il`




D. An Open Virtual Appliance
Il` Il` Il` Il`

,Il` A purposefully vulnerable virtual machine useful for practicing pen testing. - Correct Answers
Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il`




Il` What is Metasploitable2? Il` Il`




A. A purposefully vulnerable virtual machine useful for practicing pen testing.
Il` Il` Il` Il` Il` Il` Il` Il` Il` Il`




B. A pen-testing framework
Il` Il` Il`




C. A type of malware
Il` Il` Il` Il`




D. A pen-testing application
Il` Il` Il`




Il` ip addrIl`




ifconfig - Correct Answers Which two of the following commands reveal IP address information
Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il`




on a Linux machine?
Il` Il` Il` Il`




A. ipconfig
Il`




B. show ip addr brief
Il` Il` Il` Il`




C. ip addr
Il` Il`




D. ifconfig
Il`




Il` January 2020 - Correct Answers When did Windows 7 reach the end of its life?
Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il`




A. January 2022
Il` Il`




B. April 2021
Il` Il`




C. January 2020
Il` Il`




D. Windows 7 is still supported.
Il` Il` Il` Il` Il`




Il` 12 - Correct Answers What percentage of computers still run Windows 7?
Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il`

, A. 1 Il`




B. 5 Il`




C. 10 Il`




D. 12 Il`




Il` ipconfig - Correct Answers What Windows command displays useful IP configuration
Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il`




Il` information such as the IP address assigned to a network interface? Il` Il` Il` Il` Il` Il` Il` Il` Il` Il`




A. ipconfig
Il`




B. show ip addr brief
Il` Il` Il` Il`




C. ip addr
Il` Il`




D. ifconfig
Il`




Il` 1.3 billion - Correct Answers Approximately how many devices worldwide currently run
Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il`




Il` Windows 10? Il`




A. 1 billion
Il` Il`




B. 10 billion
Il` Il`




C. 3.14159 billion
Il` Il`




D. 1.3 billion
Il` Il`




Il` By adding the Active Directory Domain Services role - Correct Answers How can a Windows
Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il` Il`




Il` Server be made into a domain controller?Il` Il` Il` Il` Il` Il`




A. By adding the Domain Controller role
Il` Il` Il` Il` Il` Il`




B. By adding the Active Directory Domain Services role
Il` Il` Il` Il` Il` Il` Il` Il`




C. By adding the Active Directory Domain Services feature
Il` Il` Il` Il` Il` Il` Il` Il`