WGU TutoringAbout Us
UF GPA CalculatorUCF GPA CalculatorUC GPA CalculatorASU GPA CalculatorLSAC GPA CalculatorPurdue GPA CalculatorLSU GPA CalculatorRutgers GPA CalculatorOSU GPA CalculatorIU GPA CalculatorUW GPA CalculatorWKU GPA CalculatorTAMU GPA CalculatorUIUC GPA CalculatorUT Austin GPA CalculatorUofSC GPA CalculatorBerkeley GPA CalculatorUNL GPA CalculatorUTK GPA CalculatorUARK GPA CalculatorMizzou GPA CalculatorPenn State GPA CalculatorNYU GPA CalculatorUMich GPA CalculatorFSU GPA CalculatorUCLA GPA CalculatorGeorgia Tech GPA CalculatorUGA GPA CalculatorUNC GPA CalculatorVirginia Tech GPA CalculatorMSU GPA CalculatorUMN GPA CalculatorUofA GPA CalculatorView All Resources →
Praxis29SHRM4CompTIA10HRCI3GED5HiSET4PMP2Nursing1ASVAB1View All Practice Questions →
Contact
CompTIA Practice Questions

CompTIA PenTest+ Practice Questions

CompTIA PenTest+ (PT0-002)Practice with free CompTIA PenTest+ sample questions covering all five domains - planning and scoping, information gathering, attacks and exploits, reporting, and tools. Each question includes a detailed explanation so you actually understand the concepts behind penetration testing, not just memorize answers.

85
Total Questions
165 minutes
Time Limit
750 (on a scale of 100-900)
Passing Score
$404
Registration Fee

Free Sample Questions

Here are 5 free sample questions from our full bank of 400+ CompTIA PenTest+ practice questions. Try them out below — click "Show Answer" to reveal the correct response and explanation.

1

A penetration tester has been hired to assess a client's external network. During the planning phase, the client specifies that no social engineering attacks should be performed and testing must occur only between 10 PM and 6 AM. Which of the following documents BEST defines these boundaries?

AA) Master service agreement (MSA)
BB) Non-disclosure agreement (NDA)
CC) Rules of engagement (ROE)
DD) Statement of work (SOW)
2

During the information gathering phase of a penetration test, a tester runs the following command: 'dig axfr example.com @ns1.example.com'. What is the tester attempting to accomplish?

AA) Perform a DNS zone transfer to enumerate all DNS records
BB) Brute-force subdomains using a wordlist against the nameserver
CC) Perform a reverse DNS lookup on the target domain
DD) Query the WHOIS database for domain registration details
3

A penetration tester has compromised a Linux web server and wants to establish persistence. The tester adds a reverse shell command to the /etc/crontab file set to execute every 15 minutes. A few hours later, the connection stops working. Which of the following is the MOST likely reason?

AA) The firewall began blocking outbound connections on the specified port
BB) The cron daemon was restarted and cleared all scheduled tasks
CC) The system administrator reviewed the crontab and removed the malicious entry
DD) The reverse shell binary was quarantined by host-based antivirus software
4

After completing a penetration test, the tester discovered a critical SQL injection vulnerability in the client's customer-facing web application. The vulnerability allows an unauthenticated attacker to extract the entire customer database. How should this finding be classified in the final report?

AA) Low risk - the vulnerability requires technical skill to exploit
BB) Critical risk - unauthenticated access to sensitive data with high business impact
CC) Medium risk - SQL injection is a well-known vulnerability with available patches
DD) High risk - the vulnerability affects a production system but data may be encrypted
5

A penetration tester is analyzing the output of an Nmap scan and sees the following result for a target host: 'PORT 443/tcp open ssl/http | ssl-cert: Subject: CN=*.internal.company.com'. Which of the following conclusions can the tester MOST accurately draw from this output?

AA) The server is using a self-signed certificate that should be flagged as a vulnerability
BB) The server is running an outdated version of SSL that is vulnerable to POODLE
CC) The wildcard certificate reveals an internal domain naming convention useful for further enumeration
DD) The server has port 443 open but is not actually serving HTTPS traffic

Get the Full CompTIA PenTest+ Question Bank — 400+ Practice Questions

You just saw 5 sample questions. We have a complete bank of 400+ CompTIA PenTest+ practice questions with detailed answers and explanations ready for you. Fill out the form below and we'll send you the full question bank — completely free.

We'll send the full question bank to this email.

We won't spam you. Just a quick follow-up if needed.

All fields are required.

About the CompTIA PenTest+

Format & Structure

Total Questions
85
Time Limit
165 minutes
Format
Multiple choice and performance-based

Scoring & Cost

Passing Score
750 (on a scale of 100-900)
Registration Fee
$404

Related Practice Questions

CompTIA Security+ Practice Questions

Start Practicing

CompTIA CySA+ Practice Questions

Start Practicing

CompTIA CASP+ Practice Questions

Start Practicing

CompTIA Network+ Practice Questions

Start Practicing

Frequently Asked Questions

What is the CompTIA PenTest+ certification?

CompTIA PenTest+ (PT0-002) is an intermediate-level cybersecurity certification that validates your skills in penetration testing and vulnerability management. It covers the entire penetration testing lifecycle - from planning and scoping engagements through information gathering, attacking systems, and writing professional reports. The certification is vendor-neutral, meaning it focuses on concepts and techniques rather than specific tools or platforms.

What are the prerequisites for CompTIA PenTest+?

CompTIA recommends having CompTIA Network+, Security+, or equivalent knowledge, along with 3-4 years of hands-on information security experience. However, there are no hard prerequisites - anyone can register and sit for the certification. That said, PenTest+ builds heavily on networking and security fundamentals, so jumping in without that foundation would make the material significantly harder to grasp.

How does PenTest+ compare to Security+ and CySA+ in difficulty?

PenTest+ is generally considered more difficult than Security+ but comparable to CySA+ in overall difficulty - just with a different focus. Security+ covers broad security concepts at a foundational level, while PenTest+ goes deep into offensive security techniques. CySA+ focuses on the defensive side (blue team), whereas PenTest+ is all about the offensive side (red team). Many professionals get Security+ first, then branch into either PenTest+ or CySA+ depending on their career goals.

What are the performance-based questions on PenTest+ like?

Performance-based questions (PBQs) on the PenTest+ go beyond multiple choice - they present you with simulated scenarios where you might need to analyze tool output, interpret scan results, write a command to exploit a vulnerability, or drag and drop attack steps into the correct order. You could see anywhere from 2 to 5 PBQs on your test. They tend to appear at the beginning and are weighted more heavily than standard multiple-choice questions. Practicing with real tools like Nmap, Metasploit, and Burp Suite will help you feel comfortable with these.

What job roles does CompTIA PenTest+ prepare you for?

PenTest+ is designed for roles like penetration tester, vulnerability analyst, security consultant, and red team operator. It's also valuable for security engineers and network security specialists who want to understand offensive techniques. Many government and defense contractor positions specifically list PenTest+ as a qualifying certification under DoD Directive 8570/8140, making it especially useful if you're targeting those sectors.

How long should I study for CompTIA PenTest+?

Most people need 8 to 12 weeks of dedicated study, assuming you already have a Security+ level foundation. If you're coming in with hands-on penetration testing experience, you might be able to prepare in 4 to 6 weeks. The key is not just reading material but actually practicing with tools in a lab environment - set up vulnerable VMs, run scans, exploit services, and write mock reports. Candidates who combine book study with hands-on labs tend to pass at much higher rates.

How do I renew my CompTIA PenTest+ certification?

CompTIA PenTest+ is valid for three years from the date you pass. To renew, you need to earn 60 Continuing Education Units (CEUs) within that three-year period. You can earn CEUs through activities like attending training, publishing articles, participating in cybersecurity competitions, or earning higher-level certifications. You can also simply retake the current version of the certification. CompTIA charges an annual CE fee of $50 to maintain your certification in their system.

Is PenTest+ worth it compared to OSCP or CEH?

It depends on your goals and experience level. PenTest+ sits between CEH and OSCP in terms of difficulty and recognition. CEH is more theoretical and multiple-choice heavy, while OSCP is a grueling 24-hour hands-on practical. PenTest+ strikes a good middle ground - it tests practical knowledge with performance-based questions but doesn't require the deep exploitation skills that OSCP demands. For entry to mid-level penetration testing roles, PenTest+ is widely respected and often more accessible. If you're aiming for senior pentesting positions at specialized firms, OSCP carries more weight in the industry.

Get 400+ CompTIA PenTest+ Practice Questions

Don't settle for just 5 sample questions. Request the full question bank and start preparing with confidence.

Get Started