Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

Certifications›PT0-002›Objectives›Tools and Code Analysis
Objective 5.0

Tools and Code Analysis

PT0-002 Practice Questions

Use this page to practise Tools and Code Analysis questions for this certification. Focus on how the exam tests tools and code analysis in scenario format — understanding the why behind each answer builds more durable knowledge than memorising options.

Full Practice Test →All Objectives

What this objective tests

PT0-002 Tools and Code Analysis — Key Topics

Tools and Code Analysis questions on this certification test your ability to deploy and manage tools and code analysis concepts in scenario-based situations.

  • Core Tools and Code Analysis concepts and how they apply in real-world cloud scenarios.
  • How to deploy tools and code analysis correctly and verify the outcome.
  • Troubleshooting tools and code analysis issues by interpreting error output and system state.
  • Cloud best practices and Tools and Code Analysis design trade-offs tested by this certification.

Common exam traps

Where candidates lose marks on Tools and Code Analysis

  • ⚠Selecting the most expensive service when a simpler managed option meets the requirement.
  • ⚠Forgetting that cloud resources must be explicitly secured — defaults are rarely secure.
  • ⚠Choosing a global service fix when the issue is region-specific.
  • ⚠Overlooking cost implications of cross-region data transfer in architecture questions.

PT0-002 Tools and Code Analysis — Practice Questions

30 questions from this objective

Question 2mediummultiple choice
Study the full Python automation breakdown →

A penetration tester wrote a Python script to automate HTTP request fuzzing. The script uses the 'requests' library to send payloads and checks for reflected content in the response. The tester wants to analyze the script for potential improvements. Which of the following code changes would MOST directly reduce false positives in detecting reflection?

Question 3mediummultiple choice
Full question →

A penetration tester is analyzing a PowerShell script used for post-exploitation on a Windows domain. The script contains the following line: Invoke-Command -ComputerName $target -ScriptBlock { get-process -Name "explorer" }. What is the primary purpose of this command?

Question 4easymultiple choice
Full question →

A penetration tester wants to identify live hosts on a large internal network. Which Nmap option would be the FASTEST for initial host discovery?

Question 5mediummultiple choice
Study the full Python automation breakdown →

A penetration tester writes a Python script to test an API for vulnerabilities. The script sends requests with multiple payloads and checks if the response contains an error message indicating a potential injection. Which of the following code snippets would BEST reduce false positives by verifying that the injected parameter is processed?

Question 6mediummultiple choice
Study the full Python automation breakdown →

A penetration tester is reviewing a Python script that uses the `requests` library to send HTTP POST requests to a login endpoint. The script attempts to bypass authentication by sending SQL injection payloads in the username field. Which of the following code changes would MOST effectively help the tester identify successful injections by reducing false negatives?

Question 7mediummultiple choice
Study the full Python automation breakdown →

A penetration tester writes a Python script to test for directory traversal vulnerabilities in a web application. The script uses the requests library to send a payload like '../../etc/passwd' and checks if the response contains the string 'root:'. However, the tester notices many false negatives because the application requires URL encoding of the dots and slashes. Which code modification would BEST improve the detection rate?

Question 8easymultiple choice
Full question →

A penetration tester wants to enumerate SMB shares, user lists, and operating system information from a Windows target without authenticating. Which of the following tools is BEST suited for this task?

Question 9mediummultiple choice
Study the full Python automation breakdown →

A penetration tester is reviewing a Python script that attempts to exploit a command injection vulnerability. The script uses the 'subprocess' module with the 'shell=True' argument. Which of the following code changes would be MOST effective to reduce the risk of unintended consequences when executing system commands?

Question 10mediummultiple choice
Full question →

A penetration tester is writing a Bash script to automate enumeration of a Linux system after gaining a shell. The script needs to extract user information from the /etc/passwd file. Which command would be most efficient for listing only the usernames?

Question 11mediummultiple choice
Study the full Python automation breakdown →

A penetration tester is analyzing a Python script that uses the Impacket library to perform an SMB relay attack. The script is failing to capture NTLM hashes from target machines. Which part of the script is MOST likely misconfigured?

Question 12mediummultiple choice
Full question →

A penetration tester is using Burp Suite to test a web application. The tester notices that the application relies on client-side JavaScript validation to restrict input. To bypass this validation and test for server-side vulnerabilities, which Burp Suite feature is MOST useful for automatically modifying requests before they are sent to the server?

Question 13mediummultiple choice
Full question →

A penetration tester is writing a Bash script to enumerate users from the /etc/passwd file on a compromised Linux system. Which command will efficiently print only the usernames?

Question 14mediummultiple choice
Study the full Python automation breakdown →

A penetration tester is analyzing a Python script that uses the 'paramiko' library to automate SSH key-based authentication across multiple servers. The script fails with 'AuthenticationException' for some servers that the tester is certain have the correct private key configured. Which of the following is the most likely cause of this failure?

Question 15hardmultiple choice
Full question →

A penetration tester is writing a return-oriented programming (ROP) exploit for a Linux binary to bypass Data Execution Prevention (DEP). The binary has DEP enabled, but the tester identifies a gadget in a dynamically linked library that is not affected by ASLR. Which condition must be true for the ROP chain to succeed?

Question 16mediummultiple choice
Full question →

A penetration tester is using Burp Suite to intercept and modify HTTP traffic. When browsing to an HTTPS site, the tester observes that the requests are encrypted and not being intercepted by Burp. Which configuration step is most likely missing?

Question 17easymultiple choice
Full question →

A penetration tester wants to quickly capture and analyze network packets during an internal test to identify unencrypted protocols. Which command-line tool is commonly used for packet capture on Linux?

Question 18mediummultiple choice
Full question →

A penetration tester is using an Nmap NSE script to enumerate SMB shares on a target Windows server. The script runs without errors but returns no shares, even though the server has shares configured. Which is the MOST likely cause?

Question 19easymultiple choice
Full question →

A penetration tester has obtained a dump of NTLM password hashes from a Windows Domain Controller. The tester wants to crack these hashes as quickly as possible using GPU acceleration. Which tool is the BEST choice for this task?

Question 20mediummultiple choice
Full question →

A penetration tester is writing a Bash script to automate the extraction of password hashes from a Windows system after gaining SYSTEM-level access. The script uses 'reg.exe' to save the SAM and SYSTEM hives. Which command should the tester include in the script to export the SAM hive to a file?

Question 21easymultiple choice
Full question →

A penetration tester wants to quickly identify the listening services on a target Linux server without performing a full port scan. The tester has obtained an unauthenticated shell as a low-privileged user. Which built-in command is most likely available on a modern Linux distribution to list all listening TCP sockets?

Question 22mediummultiple choice
Full question →

A penetration tester is analyzing a web application's JavaScript files to discover hidden API endpoints and potential client-side vulnerabilities. Which tool is specifically designed to extract URLs and endpoints from JavaScript files?

Question 23mediummultiple choice
Study the full Python automation breakdown →

A penetration tester is analyzing a Python script that uses the requests library to automate web vulnerability scanning. The script sends POST requests with payloads but receives 403 Forbidden responses for many requests, even though manual testing with the same payloads works. Which is the most likely cause?

Question 24mediummultiple choice
Full question →

A penetration tester is writing a Bash script to enumerate network shares on multiple Windows hosts. The script uses smbclient to list shares. Which command should be used within the script to attempt to connect to a host with a known username and password?

Question 25mediummultiple choice
Full question →

A penetration tester is using Hashcat to crack NTLM hashes obtained from a Windows system. The tester wants to use a rule-based attack to maximize cracking success. Which Hashcat mode should be used for NTLM hashes?

Question 26mediummultiple choice
Study the full Python automation breakdown →

A penetration tester is analyzing a Python script used for web application testing. The script imports the 'socket' module and uses it to create a raw socket. Which of the following is the most likely purpose of the script?

Question 27easymultiple choice
Full question →

A penetration tester is analyzing a Bash script that contains the following line: 'for ip in $(cat ip_list.txt); do nc -zv $ip 22; done'. What is the primary purpose of this script?

Question 28mediummultiple choice
Study the full Python automation breakdown →

A penetration tester is reviewing a Python script that uses the 'mitmproxy' library. The script sets up a proxy and captures HTTP traffic, then modifies certain requests in real time. Which of the following is the most likely purpose of this script?

Question 29easymultiple choice
Full question →

A penetration tester is performing internal reconnaissance on a Windows domain. The tester wants to enumerate SMB shares on multiple hosts quickly. Which tool is best suited for this task?

Question 30hardmultiple choice
Study the full Python automation breakdown →

A penetration tester is analyzing a Python script that imports the 'scapy' library. The script defines a function that sends a series of TCP SYN packets to a target IP and port range, and then waits for SYN-ACK responses. Which attack is the script performing?

Question 31mediummultiple choice
Study the full Python automation breakdown →

A penetration tester is analyzing a Python script that uses the 'subprocess' module to execute shell commands. The tester notices that the script passes user-supplied input directly to the shell without any sanitization or validation. Which vulnerability class is most likely present in this script?

More Tools and Code Analysis questions available in the full practice test.

Continue Practising →
←

Previous objective

Reporting and Communication

All PT0-002 Objectives

  • 1.Planning and Scoping
  • 2.Information Gathering and Vulnerability Scanning
  • 3.Attacks and Exploits
  • 4.Reporting and Communication
  • 5.Tools and Code Analysis