Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Free Resources

Difficulty IndexLearn — Free ChaptersIT GlossaryFree Tools & LabsStudy GuidesCareer RoadmapsBrowse by VendorCisco Command ReferenceCCNA Scenarios

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

HomeCertificationsPT0-002DomainsTools and Code Analysis
PT0-002Free — No Signup

Tools and Code Analysis

Practice PT0-002 Tools and Code Analysis questions with full explanations on every answer.

59questions

Start practicing

Tools and Code Analysis — choose a session length

10 questions~10 min20 questions~20 min30 questions~30 min50 questions~50 min

Free · No account required

PT0-002 Domains

Information Gathering and Vulnerability ScanningPlanning and ScopingReporting and CommunicationAttacks and ExploitsTools and Code Analysis

Practice Tools and Code Analysis questions

10Q20Q30Q50Q

All PT0-002 Tools and Code Analysis questions (59)

Start session

Click any question to see the full explanation and answer options, or start a focused practice session above.

1

During a penetration test, you are asked to identify all live hosts on a subnet. Which Nmap scan type is most likely to evade firewalls and determine if a host is up without completing the TCP handshake?

2

A penetration tester wants to exploit a vulnerable service on a target using a known module. Which framework provides a large database of exploit modules, payloads, and post-exploitation tools?

3

During a web application test, a penetration tester needs to modify an HTTP request in real-time, send it repeatedly with different parameter values, and analyze the responses. Which Burp Suite tool is best suited for this task?

4

After gaining initial access to a Windows domain controller, a tester wants to extract password hashes from the SAM database and domain account hashes. Which Impacket tool is designed for this purpose?

5

A penetration tester has captured a WPA2 handshake. Which tool from the Aircrack-ng suite is used to crack the pre-shared key?

6

During a code review of a PHP web application, you encounter the following code: $result = mysql_query("SELECT * FROM users WHERE username='" . $_GET['user'] . "'");. Which vulnerability does this represent?

7

A tester needs to brute-force SSH credentials on a target. Which tool is most appropriate for this task?

8

In a Python script for a penetration test, you need to craft a custom TCP packet with specific flags. Which library is best suited for low-level packet manipulation?

9

Which tool is used for security auditing of AWS environments and can enumerate misconfigurations in IAM, S3, and other services?

10

During a reverse engineering task on a .NET binary, which tool would allow you to decompile the code into readable C# source code?

11

A tester wants to perform an evil twin attack to capture WPA handshakes. Which tool from the Aircrack-ng suite is used to deauthenticate clients from a legitimate AP to force reconnection to the rogue AP?

12

Which PowerShell script is commonly used for post-exploitation enumeration of Active Directory, such as querying user accounts and group memberships?

13

A penetration tester is analyzing a network capture with Wireshark. Which TWO of the following are common uses of Wireshark in a pentest?

14

During a cloud security assessment of AWS, a tester wants to identify misconfigurations using automated tools. Which THREE tools are specifically designed for AWS security auditing?

15

A tester is reviewing source code for security vulnerabilities. Which TWO of the following are examples of insecure coding practices that often lead to critical vulnerabilities?

16

A penetration tester wants to identify all live hosts and open ports on a network segment. Which Nmap scan type is most efficient for this purpose?

17

During a web application test, a penetration tester needs to intercept and modify HTTP requests before forwarding them to the server. Which tool is best suited for this task?

18

A penetration tester is performing a password cracking task against a dump of NTLM hashes obtained from a Windows domain controller. Which tool would be the most efficient for this task?

19

A tester wants to perform a Kerberoasting attack against an Active Directory environment. Which Impacket tool would be most appropriate?

20

During a wireless penetration test, a tester captures WPA2 handshakes but finds they are unable to crack the password using a dictionary attack. Which technique could improve the likelihood of cracking the password?

21

A penetration tester is reviewing a Python script used for a custom exploit. Which of the following code snippets contains a dangerous function that could lead to remote code execution?

22

A tester decompiles a .NET application using dnSpy and finds a function that loads a serialized object from a file. Which vulnerability is most likely present?

23

A tester needs to enumerate Windows domain users and groups from a compromised system. Which PowerShell script would be most useful?

24

Which tool would be best for capturing and analyzing network packets to troubleshoot a web application?

25

A penetration tester wants to exploit a Windows system using a known vulnerability and gain a meterpreter session. Which tool is most appropriate?

26

During a source code review of a PHP application, the tester finds the following line: $query = "SELECT * FROM users WHERE username = '" . $_POST['username'] . "'"; Which vulnerability is present?

27

A tester needs to perform an online brute-force attack against an SSH service. Which tool is most suitable?

28

A penetration tester is conducting a wireless assessment and wants to capture WPA handshakes for offline cracking. Which two tools from the Aircrack-ng suite would be used? (Choose two.)

29

A tester has compromised a Linux server and wants to maintain persistence. Which three actions would be typical for post-exploitation? (Choose three.)

30

A penetration tester is reviewing code for insecure deserialization vulnerabilities. Which two languages are commonly associated with this vulnerability? (Choose two.)

31

A penetration tester has been given a target IP address and needs to quickly determine which services are running on the target. Which Nmap option should the tester use to perform a SYN scan with service version detection and default NSE scripts?

32

During a web application penetration test, the tester captures a login request in Burp Suite and wants to automate a brute-force attack against the password field. Which Burp Suite tool is specifically designed for this purpose?

33

A penetration tester needs to perform a Kerberoasting attack against a Windows Active Directory environment. Which tool from the Impacket suite should the tester use to request service tickets and extract TGS hashes for offline cracking?

34

A penetration tester is conducting a wireless security assessment. The target network uses WPA2-PSK. The tester has captured the four-way handshake. Which tool from the Aircrack-ng suite can be used to attempt to recover the pre-shared key by performing a dictionary attack?

35

During code review, a penetration tester identifies the following line in a PHP web application: $sql = "SELECT * FROM users WHERE username='" . $_GET['user'] . "'"; Which type of vulnerability is most likely present?

36

A penetration tester is analyzing a Linux binary and wants to decompile it to understand its logic. Which open-source tool is specifically designed for reverse engineering and can generate C-like pseudocode from compiled binaries?

37

A penetration tester needs to perform a dictionary attack against an SSH service. Which of the following tools is best suited for this task?

38

During a penetration test, the tester wants to capture network traffic for later analysis. Which tool is most appropriate for capturing packets and saving them to a pcap file?

39

A penetration tester has obtained a set of NTLM password hashes from a Windows domain controller. The tester wants to perform an offline cracking attack using GPU acceleration. Which tool is best suited for this purpose?

40

A penetration tester is performing a cloud security audit of an AWS environment. Which tool is specifically designed for AWS exploitation and post-exploitation, including privilege escalation and persistence?

41

A penetration tester is writing a Python script to send a crafted TCP packet to a target. Which Python library should the tester use for low-level packet crafting and injection?

42

A penetration tester needs to enumerate Active Directory users and groups from a Windows domain. Which PowerShell tool is specifically designed for AD enumeration and is commonly used in post-exploitation?

43

A penetration tester is reviewing a Java application for insecure deserialization vulnerabilities. Which of the following should the tester look for? (Choose TWO.)

44

A penetration tester is performing a wireless assessment and wants to set up an evil twin attack. Which of the following steps are necessary? (Choose THREE.)

45

A penetration tester is conducting a post-exploitation phase on a Windows target and wants to dump credentials. Which of the following tools can be used? (Choose TWO.)

46

A penetration tester needs to identify live hosts and open ports on a target network. Which tool is most appropriate for this task?

47

During a web application test, a penetration tester intercepts requests between the browser and server and modifies them in real time. Which Burp Suite tool is designed for this purpose?

48

After gaining initial access to a Windows system, a penetration tester wants to extract password hashes from the local SAM database. Which Impacket tool should be used?

49

A penetration tester is conducting a wireless assessment and needs to capture the four-way handshake to perform offline WPA cracking. Which tool is best suited for capturing the handshake?

50

A penetration tester needs to perform an online brute-force attack against an SSH service. Which tool is most appropriate?

51

During a code review, a penetration tester identifies a PHP function that executes arbitrary shell commands. Which function poses the greatest security risk if user input is not sanitized?

52

A penetration tester is analyzing a Java application and finds the following code snippet: Object obj = ois.readObject(); where ois is an ObjectInputStream. What vulnerability is most likely present if the input is untrusted?

53

Which cloud security auditing tool is designed specifically for assessing AWS environments and can perform enumeration of misconfigurations?

54

A penetration tester has captured network traffic and wants to analyze it using Wireshark. Which two actions can the tester perform to focus on specific types of communication? (Choose TWO.)

55

A penetration tester is performing post-exploitation on a Windows domain controller and wants to extract Kerberos tickets for offline cracking. Which two Impacket tools can be used to obtain ticket-granting service (TGS) tickets? (Choose TWO.)

56

During a penetration test, a tester needs to perform a deauthentication attack to force a client to reconnect and capture the WPA handshake. Which two tools from the Aircrack-ng suite are required? (Choose TWO.)

57

A penetration tester is reverse-engineering a .NET binary to understand its authentication logic. Which three tools are suitable for decompiling .NET assemblies? (Choose THREE.)

58

A penetration tester is writing a Bash script to automate scanning of multiple subnets with Nmap and parse the output. Which three features are commonly used in such a script? (Choose THREE.)

59

A penetration tester is reviewing source code and wants to identify common hardcoded credentials and input validation gaps. Which three checks should the tester perform? (Choose THREE.)

Practice all 59 Tools and Code Analysis questions

Other PT0-002 exam domains

Information Gathering and Vulnerability ScanningPlanning and ScopingReporting and CommunicationAttacks and Exploits

Frequently asked questions

What does the Tools and Code Analysis domain cover on the PT0-002 exam?

The Tools and Code Analysis domain covers the key concepts tested in this area of the PT0-002 exam blueprint published by CompTIA. Courseiva provides free domain-focused practice, mock exams, missed-question review, and readiness tracking across all PT0-002 domains — no account required.

How many Tools and Code Analysis questions are in the PT0-002 question bank?

The Courseiva PT0-002 question bank contains 59 questions in the Tools and Code Analysis domain. Click any question to see the full explanation and answer breakdown.

What is the best way to practice Tools and Code Analysis for PT0-002?

Start with a 10-question focused session to identify your baseline accuracy in this domain. Read every explanation — even for questions you answer correctly — to understand the reasoning. Once you score consistently above 80%, move to a 20–30 question session to confirm depth before moving to the next domain.

Can I practice only Tools and Code Analysis questions for PT0-002?

Yes — the session launcher on this page draws questions exclusively from the Tools and Code Analysis domain. Choose 10, 20, 30, or 50 questions for a focused session, or click individual questions to review them one by one.

Free forever · No credit card required

Track your PT0-002 domain progress

Save your results, see per-domain analytics, and get readiness scores — free, for every certification.

Sign Up Free

Free forever · Every certification included

Practice Session

10 questions20 questions30 questions50 questions

Study Resources

All DomainsPractice TestMock ExamFlashcardsStudy Guide

Related Exams

CS0-003SY0-701CEH