Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Free Resources

Difficulty IndexLearn — Free ChaptersIT GlossaryFree Tools & LabsStudy GuidesCareer RoadmapsBrowse by VendorCisco Command ReferenceCCNA Scenarios

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

← Tools and Code Analysis practice sets

PT0-002 Tools and Code Analysis • Complete Question Bank

PT0-002 Tools and Code Analysis — All Questions With Answers

Complete PT0-002 Tools and Code Analysis question bank — all 0 questions with answers and detailed explanations.

59
Questions
Free
No signup
Certifications/PT0-002/Practice Test/Tools and Code Analysis/All Questions
Question 1mediummultiple choice
Review the full subnetting walkthrough →

During a penetration test, you are asked to identify all live hosts on a subnet. Which Nmap scan type is most likely to evade firewalls and determine if a host is up without completing the TCP handshake?

Question 2easymultiple choice
Read the full Tools and Code Analysis explanation →

A penetration tester wants to exploit a vulnerable service on a target using a known module. Which framework provides a large database of exploit modules, payloads, and post-exploitation tools?

Question 3hardmultiple choice
Read the full Tools and Code Analysis explanation →

During a web application test, a penetration tester needs to modify an HTTP request in real-time, send it repeatedly with different parameter values, and analyze the responses. Which Burp Suite tool is best suited for this task?

Question 4mediummultiple choice
Read the full Tools and Code Analysis explanation →

After gaining initial access to a Windows domain controller, a tester wants to extract password hashes from the SAM database and domain account hashes. Which Impacket tool is designed for this purpose?

Question 5mediummultiple choice
Read the full wireless explanation →

A penetration tester has captured a WPA2 handshake. Which tool from the Aircrack-ng suite is used to crack the pre-shared key?

Question 6hardmultiple choice
Read the full Tools and Code Analysis explanation →

During a code review of a PHP web application, you encounter the following code: $result = mysql_query("SELECT * FROM users WHERE username='" . $_GET['user'] . "'");. Which vulnerability does this represent?

Question 7mediummultiple choice
Read the full Tools and Code Analysis explanation →

A tester needs to brute-force SSH credentials on a target. Which tool is most appropriate for this task?

Question 8mediummultiple choice
Study the full Python automation breakdown →

In a Python script for a penetration test, you need to craft a custom TCP packet with specific flags. Which library is best suited for low-level packet manipulation?

Question 9easymultiple choice
Read the full Tools and Code Analysis explanation →

Which tool is used for security auditing of AWS environments and can enumerate misconfigurations in IAM, S3, and other services?

Question 10hardmultiple choice
Read the full Tools and Code Analysis explanation →

During a reverse engineering task on a .NET binary, which tool would allow you to decompile the code into readable C# source code?

Question 11mediummultiple choice
Read the full wireless explanation →

A tester wants to perform an evil twin attack to capture WPA handshakes. Which tool from the Aircrack-ng suite is used to deauthenticate clients from a legitimate AP to force reconnection to the rogue AP?

Question 12easymultiple choice
Read the full Tools and Code Analysis explanation →

Which PowerShell script is commonly used for post-exploitation enumeration of Active Directory, such as querying user accounts and group memberships?

Question 13mediummulti select
Read the full Tools and Code Analysis explanation →

A penetration tester is analyzing a network capture with Wireshark. Which TWO of the following are common uses of Wireshark in a pentest?

Question 14hardmulti select
Read the full Tools and Code Analysis explanation →

During a cloud security assessment of AWS, a tester wants to identify misconfigurations using automated tools. Which THREE tools are specifically designed for AWS security auditing?

Question 15mediummulti select
Read the full Tools and Code Analysis explanation →

A tester is reviewing source code for security vulnerabilities. Which TWO of the following are examples of insecure coding practices that often lead to critical vulnerabilities?

Question 16easymultiple choice
Read the full Tools and Code Analysis explanation →

A penetration tester wants to identify all live hosts and open ports on a network segment. Which Nmap scan type is most efficient for this purpose?

Question 17easymultiple choice
Read the full Tools and Code Analysis explanation →

During a web application test, a penetration tester needs to intercept and modify HTTP requests before forwarding them to the server. Which tool is best suited for this task?

Question 18mediummultiple choice
Read the full Tools and Code Analysis explanation →

A penetration tester is performing a password cracking task against a dump of NTLM hashes obtained from a Windows domain controller. Which tool would be the most efficient for this task?

Question 19mediummultiple choice
Read the full Tools and Code Analysis explanation →

A tester wants to perform a Kerberoasting attack against an Active Directory environment. Which Impacket tool would be most appropriate?

Question 20hardmultiple choice
Read the full wireless explanation →

During a wireless penetration test, a tester captures WPA2 handshakes but finds they are unable to crack the password using a dictionary attack. Which technique could improve the likelihood of cracking the password?

Question 21mediummultiple choice
Study the full Python automation breakdown →

A penetration tester is reviewing a Python script used for a custom exploit. Which of the following code snippets contains a dangerous function that could lead to remote code execution?

Question 22hardmultiple choice
Read the full DNS explanation →

A tester decompiles a .NET application using dnSpy and finds a function that loads a serialized object from a file. Which vulnerability is most likely present?

Question 23mediummultiple choice
Read the full Tools and Code Analysis explanation →

A tester needs to enumerate Windows domain users and groups from a compromised system. Which PowerShell script would be most useful?

Question 24easymultiple choice
Read the full Tools and Code Analysis explanation →

Which tool would be best for capturing and analyzing network packets to troubleshoot a web application?

Question 25mediummultiple choice
Read the full Tools and Code Analysis explanation →

A penetration tester wants to exploit a Windows system using a known vulnerability and gain a meterpreter session. Which tool is most appropriate?

Question 26hardmultiple choice
Read the full Tools and Code Analysis explanation →

During a source code review of a PHP application, the tester finds the following line: $query = "SELECT * FROM users WHERE username = '" . $_POST['username'] . "'"; Which vulnerability is present?

Question 27mediummultiple choice
Read the full Tools and Code Analysis explanation →

A tester needs to perform an online brute-force attack against an SSH service. Which tool is most suitable?

Question 28mediummulti select
Read the full wireless explanation →

A penetration tester is conducting a wireless assessment and wants to capture WPA handshakes for offline cracking. Which two tools from the Aircrack-ng suite would be used? (Choose two.)

Question 29hardmulti select
Read the full Tools and Code Analysis explanation →

A tester has compromised a Linux server and wants to maintain persistence. Which three actions would be typical for post-exploitation? (Choose three.)

Question 30mediummulti select
Read the full Tools and Code Analysis explanation →

A penetration tester is reviewing code for insecure deserialization vulnerabilities. Which two languages are commonly associated with this vulnerability? (Choose two.)

Question 31easymultiple choice
Read the full Tools and Code Analysis explanation →

A penetration tester has been given a target IP address and needs to quickly determine which services are running on the target. Which Nmap option should the tester use to perform a SYN scan with service version detection and default NSE scripts?

Question 32mediummultiple choice
Read the full Tools and Code Analysis explanation →

During a web application penetration test, the tester captures a login request in Burp Suite and wants to automate a brute-force attack against the password field. Which Burp Suite tool is specifically designed for this purpose?

Question 33mediummultiple choice
Read the full Tools and Code Analysis explanation →

A penetration tester needs to perform a Kerberoasting attack against a Windows Active Directory environment. Which tool from the Impacket suite should the tester use to request service tickets and extract TGS hashes for offline cracking?

Question 34hardmultiple choice
Read the full wireless explanation →

A penetration tester is conducting a wireless security assessment. The target network uses WPA2-PSK. The tester has captured the four-way handshake. Which tool from the Aircrack-ng suite can be used to attempt to recover the pre-shared key by performing a dictionary attack?

Question 35mediummultiple choice
Read the full Tools and Code Analysis explanation →

During code review, a penetration tester identifies the following line in a PHP web application: $sql = "SELECT * FROM users WHERE username='" . $_GET['user'] . "'"; Which type of vulnerability is most likely present?

Question 36hardmultiple choice
Read the full Tools and Code Analysis explanation →

A penetration tester is analyzing a Linux binary and wants to decompile it to understand its logic. Which open-source tool is specifically designed for reverse engineering and can generate C-like pseudocode from compiled binaries?

Question 37mediummultiple choice
Read the full Tools and Code Analysis explanation →

A penetration tester needs to perform a dictionary attack against an SSH service. Which of the following tools is best suited for this task?

Question 38easymultiple choice
Read the full Tools and Code Analysis explanation →

During a penetration test, the tester wants to capture network traffic for later analysis. Which tool is most appropriate for capturing packets and saving them to a pcap file?

Question 39mediummultiple choice
Read the full Tools and Code Analysis explanation →

A penetration tester has obtained a set of NTLM password hashes from a Windows domain controller. The tester wants to perform an offline cracking attack using GPU acceleration. Which tool is best suited for this purpose?

Question 40hardmultiple choice
Read the full Tools and Code Analysis explanation →

A penetration tester is performing a cloud security audit of an AWS environment. Which tool is specifically designed for AWS exploitation and post-exploitation, including privilege escalation and persistence?

Question 41mediummultiple choice
Study the full Python automation breakdown →

A penetration tester is writing a Python script to send a crafted TCP packet to a target. Which Python library should the tester use for low-level packet crafting and injection?

Question 42easymultiple choice
Read the full Tools and Code Analysis explanation →

A penetration tester needs to enumerate Active Directory users and groups from a Windows domain. Which PowerShell tool is specifically designed for AD enumeration and is commonly used in post-exploitation?

Question 43mediummulti select
Read the full Tools and Code Analysis explanation →

A penetration tester is reviewing a Java application for insecure deserialization vulnerabilities. Which of the following should the tester look for? (Choose TWO.)

Question 44hardmulti select
Read the full wireless explanation →

A penetration tester is performing a wireless assessment and wants to set up an evil twin attack. Which of the following steps are necessary? (Choose THREE.)

Question 45mediummulti select
Read the full Tools and Code Analysis explanation →

A penetration tester is conducting a post-exploitation phase on a Windows target and wants to dump credentials. Which of the following tools can be used? (Choose TWO.)

Question 46easymultiple choice
Read the full Tools and Code Analysis explanation →

A penetration tester needs to identify live hosts and open ports on a target network. Which tool is most appropriate for this task?

Question 47mediummultiple choice
Read the full Tools and Code Analysis explanation →

During a web application test, a penetration tester intercepts requests between the browser and server and modifies them in real time. Which Burp Suite tool is designed for this purpose?

Question 48mediummultiple choice
Read the full Tools and Code Analysis explanation →

After gaining initial access to a Windows system, a penetration tester wants to extract password hashes from the local SAM database. Which Impacket tool should be used?

Question 49hardmultiple choice
Read the full wireless explanation →

A penetration tester is conducting a wireless assessment and needs to capture the four-way handshake to perform offline WPA cracking. Which tool is best suited for capturing the handshake?

Question 50easymultiple choice
Read the full Tools and Code Analysis explanation →

A penetration tester needs to perform an online brute-force attack against an SSH service. Which tool is most appropriate?

Question 51mediummultiple choice
Read the full Tools and Code Analysis explanation →

During a code review, a penetration tester identifies a PHP function that executes arbitrary shell commands. Which function poses the greatest security risk if user input is not sanitized?

Question 52hardmultiple choice
Read the full Tools and Code Analysis explanation →

A penetration tester is analyzing a Java application and finds the following code snippet: Object obj = ois.readObject(); where ois is an ObjectInputStream. What vulnerability is most likely present if the input is untrusted?

Question 53easymultiple choice
Read the full Tools and Code Analysis explanation →

Which cloud security auditing tool is designed specifically for assessing AWS environments and can perform enumeration of misconfigurations?

Question 54mediummulti select
Read the full Tools and Code Analysis explanation →

A penetration tester has captured network traffic and wants to analyze it using Wireshark. Which two actions can the tester perform to focus on specific types of communication? (Choose TWO.)

Question 55hardmulti select
Read the full Tools and Code Analysis explanation →

A penetration tester is performing post-exploitation on a Windows domain controller and wants to extract Kerberos tickets for offline cracking. Which two Impacket tools can be used to obtain ticket-granting service (TGS) tickets? (Choose TWO.)

Question 56mediummulti select
Read the full wireless explanation →

During a penetration test, a tester needs to perform a deauthentication attack to force a client to reconnect and capture the WPA handshake. Which two tools from the Aircrack-ng suite are required? (Choose TWO.)

Question 57hardmulti select
Read the full Tools and Code Analysis explanation →

A penetration tester is reverse-engineering a .NET binary to understand its authentication logic. Which three tools are suitable for decompiling .NET assemblies? (Choose THREE.)

Question 58mediummulti select
Review the full subnetting walkthrough →

A penetration tester is writing a Bash script to automate scanning of multiple subnets with Nmap and parse the output. Which three features are commonly used in such a script? (Choose THREE.)

Question 59easymulti select
Read the full Tools and Code Analysis explanation →

A penetration tester is reviewing source code and wants to identify common hardcoded credentials and input validation gaps. Which three checks should the tester perform? (Choose THREE.)

Practice tests

Scored 10-question sessions with instant feedback and explanations.

PT0-002 Practice Test 1 — 25 Questions→PT0-002 Practice Test 2 — 25 Questions→PT0-002 Practice Test 3 — 25 Questions→PT0-002 Practice Test 4 — 25 Questions→PT0-002 Practice Test 5 — 25 Questions→PT0-002 Practice Exam 1 — 20 Questions→PT0-002 Practice Exam 2 — 20 Questions→PT0-002 Practice Exam 3 — 20 Questions→PT0-002 Practice Exam 4 — 20 Questions→Free PT0-002 Practice Test 1 — 30 Questions→Free PT0-002 Practice Test 2 — 30 Questions→Free PT0-002 Practice Test 3 — 30 Questions→PT0-002 Practice Questions 1 — 50 Questions→PT0-002 Practice Questions 2 — 50 Questions→PT0-002 Exam Simulation 1 — 100 Questions→

Practice by domain

Each domain maps to a weighted exam section. Focus on the domain where you are weakest.

Information Gathering and Vulnerability ScanningPlanning and ScopingReporting and CommunicationAttacks and ExploitsTools and Code Analysis

Practice by scenario

Filter questions by type — troubleshooting, exhibit, drag-and-drop, PBQ, ACLs, OSPF, and more.

Browse scenarios→

Continue studying

All Tools and Code Analysis setsAll Tools and Code Analysis questionsPT0-002 Practice Hub