Free PT0-002 Which Command Should the Administrator Use Practice Questions Practice Questions | Courseiva

Scenario guide

How to approach which command should the administrator use practice questions

Practise command-choice questions where the task is to identify the correct verification, configuration or troubleshooting command.

Quick answer

Which Command Should the Administrator Use Practice Questions questions test whether you can apply the concept in context, not just recognise a definition.

How the topic appears in realistic exam-style scenarios.

Which detail in the question changes the correct answer.

How to eliminate plausible but wrong options.

How to connect the question back to the wider exam objective.

Practice set

Practice scenarios

Question 1mediummultiple choice

Full question →

A penetration tester is testing a web application that uses JSON Web Tokens (JWTs) for authentication. The tester discovers that the server does not verify the JWT signature properly. The tester crafts a JWT with an arbitrary payload and sets the algorithm to 'none'. Which attack does this enable?

Full question →

Question 2mediummultiple choice

Full question →

A penetration tester is writing a Bash script to enumerate users from the /etc/passwd file on a compromised Linux system. Which command will efficiently print only the usernames?

Full question →

Question 3mediummultiple choice

Full question →

A penetration tester is analyzing a Python script that uses the 'paramiko' library to automate SSH key-based authentication across multiple servers. The script fails with 'AuthenticationException' for some servers that the tester is certain have the correct private key configured. Which of the following is the most likely cause of this failure?

Full question →

Question 4mediummultiple choice

Full question →

A penetration tester is writing a Bash script to automate the extraction of password hashes from a Windows system after gaining SYSTEM-level access. The script uses 'reg.exe' to save the SAM and SYSTEM hives. Which command should the tester include in the script to export the SAM hive to a file?

Full question →

Question 5mediummultiple choice

Full question →

A penetration tester is using theHarvester tool to gather email addresses and subdomains for a target domain. Which source is theHarvester commonly configured to use for passive reconnaissance?

Full question →

Question 6mediummultiple choice

Full question →

A penetration tester writes a Python script to test an API for vulnerabilities. The script sends requests with multiple payloads and checks if the response contains an error message indicating a potential injection. Which of the following code snippets would BEST reduce false positives by verifying that the injected parameter is processed?

Full question →

Question 7mediummultiple choice

Full question →

A penetration tester is writing a Bash script to automate enumeration of a Linux system after gaining a shell. The script needs to extract user information from the /etc/passwd file. Which command would be most efficient for listing only the usernames?

Full question →

Question 8hardmultiple choice

Full question →

A penetration tester has gained a low-privileged command shell on a Windows 10 system. The tester suspects there is a vulnerable service with an unquoted service path that can be exploited for privilege escalation. Which command should the tester use to identify all services with this vulnerability?

Full question →

Question 9mediummultiple choice

Full question →

A penetration tester is analyzing a Python script that uses the Impacket library to perform an SMB relay attack. The script is failing to capture NTLM hashes from target machines. Which part of the script is MOST likely misconfigured?

Full question →

Question 10mediummultiple choice

Full question →

A penetration tester is using an Nmap NSE script to enumerate SMB shares on a target Windows server. The script runs without errors but returns no shares, even though the server has shares configured. Which is the MOST likely cause?

Full question →

Question 11mediummultiple choice

Full question →

A penetration tester is using theHarvester tool to gather information about a target domain. The tester wants to collect email addresses and subdomains from public search engines and PGP key servers. Which source is theHarvester commonly configured to use for this passive reconnaissance?

Full question →

Question 12mediummultiple choice

Full question →

A penetration tester is writing a Bash script to enumerate network shares on multiple Windows hosts. The script uses smbclient to list shares. Which command should be used within the script to attempt to connect to a host with a known username and password?

Full question →

Question 13easymultiple choice

Full question →

A penetration tester wants to quickly capture and analyze network packets during an internal test to identify unencrypted protocols. Which command-line tool is commonly used for packet capture on Linux?

Full question →

PT0-002 Which Command Should the Administrator Use Practice Questions

How to approach which command should the administrator use practice questions

Quick answer

Related PT0-002 topic practice pages

PT0-002 fundamentals practice questions

PT0-002 scenario practice questions

PT0-002 troubleshooting practice questions

Practice scenarios

A penetration tester is testing a web application that uses JSON Web Tokens (JWTs) for authentication. The tester discovers that the server does not verify the JWT signature properly. The tester crafts a JWT with an arbitrary payload and sets the algorithm to 'none'. Which attack does this enable?

A penetration tester is writing a Bash script to enumerate users from the /etc/passwd file on a compromised Linux system. Which command will efficiently print only the usernames?

A penetration tester is writing a Bash script to automate the extraction of password hashes from a Windows system after gaining SYSTEM-level access. The script uses 'reg.exe' to save the SAM and SYSTEM hives. Which command should the tester include in the script to export the SAM hive to a file?

A penetration tester is using theHarvester tool to gather email addresses and subdomains for a target domain. Which source is theHarvester commonly configured to use for passive reconnaissance?

A penetration tester is writing a Bash script to automate enumeration of a Linux system after gaining a shell. The script needs to extract user information from the /etc/passwd file. Which command would be most efficient for listing only the usernames?

A penetration tester has gained a low-privileged command shell on a Windows 10 system. The tester suspects there is a vulnerable service with an unquoted service path that can be exploited for privilege escalation. Which command should the tester use to identify all services with this vulnerability?

A penetration tester is analyzing a Python script that uses the Impacket library to perform an SMB relay attack. The script is failing to capture NTLM hashes from target machines. Which part of the script is MOST likely misconfigured?

A penetration tester is using an Nmap NSE script to enumerate SMB shares on a target Windows server. The script runs without errors but returns no shares, even though the server has shares configured. Which is the MOST likely cause?

A penetration tester is using theHarvester tool to gather information about a target domain. The tester wants to collect email addresses and subdomains from public search engines and PGP key servers. Which source is theHarvester commonly configured to use for this passive reconnaissance?

A penetration tester is writing a Bash script to enumerate network shares on multiple Windows hosts. The script uses smbclient to list shares. Which command should be used within the script to attempt to connect to a host with a known username and password?

A penetration tester wants to quickly capture and analyze network packets during an internal test to identify unencrypted protocols. Which command-line tool is commonly used for packet capture on Linux?