Pentest+ (PT0-002) Questions and Correct
Answers/ Latest Update / Already Graded
White-list {Access Control}
Ans: allows specifically identified users {based on identification
mechanisms including but not limited to username, IP address,
and network range} with the required authorization access to
access a given system or network.
Risk Acceptance
Ans: a term that indicates an understanding and willingness to
bear the likelihood and impact of a specific threat to an
organization's systems or networks
reverse DNS lookup
Ans: queries the PTR record for a named IP address and then
returns the associated domain name
Stumbling
Ans: a surveillance technique used to discover SSIDs, router
information, signal strength, MAC addresses, and other
information pertinent to an 802.11 wireless network
All rights reserved © 2025/ 2026 |
AAA
Ans: Authentication, Authorization and Accounting;
a framework for intelligently controlling access to computer
resources, enforcing policies, auditing usage, and providing the
information necessary to bill for services
ACL
Ans: Access Control List
AES
Ans: advanced encryption standard, a symmetric 128-bit block
data encryption technique
AP
Ans: Access Point
API
Ans: Application Programming Interface is offered by a server
for communication with a client app. A client computer
program can send instructions to the server and get data from
the server by sending requests to various URL endpoints that
form the API.
APT
Ans: Advanced Persistent Threat
ARP
Ans: Address Resolution Protocol. An Internet protocol used to
map an IP address to a MAC address. Defined in RFC 826.
AS2
Ans: Applicability Statement 2;
is a specification about how to transport structured
business-to-business data securely and reliably over the Internet.
Security is achieved by using digital certificates and encryption.
BeEF
Ans: Browser Exploitation Framework;
a penetration testing tool that focuses on the web browser
BLE
Ans: Bluetooth Low Energy
BSSID
Ans: Basic Service Set Identifiers
CA {Certificate Authority}
Ans: An organization that manages, issues, and signs
certificates and is part of a PKI. Certificates are an important
part of asymmetric encryption. Certificates include public keys
along with details on the owner of the certificate and on the CA
that issued the certificate.
CAPEC {Common Attack Pattern Enumeration and Classification}
Ans: is a comprehensive dictionary and classification taxonomy
of known attacks that can be used by analysts, developers,
testers, and educators to advance community understanding
and enhance defenses
CLI
Ans: Command-line interface. An interface that enables the
user to interact with the operating system by entering
commands and optional arguments.