PT0-002 · topic practice

Tools and Code Analysis practice questions

Use this page to practise Tools and Code Analysis questions for this certification. Focus on how the exam tests tools and code analysis in scenario format — understanding the why behind each answer builds more durable knowledge than memorising options.

Courseiva uses original exam-style practice questions designed for learning and revision. The goal is to understand the concepts, recognise exam patterns, and improve through explanations — not memorise copied exam dumps.

Reviewed by Johnson Ajibi · MSc IT Security
20 questions · Domain: Tools and Code Analysis

What the exam tests

What to know about Tools and Code Analysis

Tools and Code Analysis questions on this certification test your ability to deploy and manage tools and code analysis concepts in scenario-based situations.

  • Core Tools and Code Analysis concepts and how they apply in real-world cloud scenarios.
  • How to deploy tools and code analysis correctly and verify the outcome.
  • Troubleshooting tools and code analysis issues by interpreting error output and system state.
  • Cloud best practices and Tools and Code Analysis design trade-offs tested by this certification.

Watch out for

Common Tools and Code Analysis exam traps

  • Selecting the most expensive service when a simpler managed option meets the requirement.
  • Forgetting that cloud resources must be explicitly secured — defaults are rarely secure.
  • Choosing a global service fix when the issue is region-specific.
  • Overlooking cost implications of cross-region data transfer in architecture questions.

Practice set

Tools and Code Analysis questions

20 questions · select your answer, then reveal the explanation

Question 1 · medium · multiple choice

A penetration tester wrote a Python script to automate HTTP request fuzzing. The script uses the 'requests' library to send payloads and checks for reflected content in the response. The tester wants to analyze the script for potential improvements. Which of the following code changes would MOST directly reduce false positives in detecting reflection?

A penetration tester is analyzing a PowerShell script used for post-exploitation on a Windows domain. The script contains the following line: Invoke-Command -ComputerName $target -ScriptBlock { get-process -Name "explorer" }. What is the primary purpose of this command?

A penetration tester wants to identify live hosts on a large internal network. Which Nmap option would be the FASTEST for initial host discovery?

Question 4 · medium · multiple choice

A penetration tester writes a Python script to test an API for vulnerabilities. The script sends requests with multiple payloads and checks if the response contains an error message indicating a potential injection. Which of the following code snippets would BEST reduce false positives by verifying that the injected parameter is processed?

Question 5 · medium · multiple choice

A penetration tester is reviewing a Python script that uses the `requests` library to send HTTP POST requests to a login endpoint. The script attempts to bypass authentication by sending SQL injection payloads in the username field. Which of the following code changes would MOST effectively help the tester identify successful injections by reducing false negatives?

Question 6 · medium · multiple choice

A penetration tester writes a Python script to test for directory traversal vulnerabilities in a web application. The script uses the requests library to send a payload like '../../etc/passwd' and checks if the response contains the string 'root:'. However, the tester notices many false negatives because the application requires URL encoding of the dots and slashes. Which code modification would BEST improve the detection rate?

A penetration tester wants to enumerate SMB shares, user lists, and operating system information from a Windows target without authenticating. Which of the following tools is BEST suited for this task?

Question 8 · medium · multiple choice

A penetration tester is reviewing a Python script that attempts to exploit a command injection vulnerability. The script uses the 'subprocess' module with the 'shell=True' argument. Which of the following code changes would be MOST effective to reduce the risk of unintended consequences when executing system commands?

A penetration tester is writing a Bash script to automate enumeration of a Linux system after gaining a shell. The script needs to extract user information from the /etc/passwd file. Which command would be most efficient for listing only the usernames?

Question 10 · medium · multiple choice

A penetration tester is analyzing a Python script that uses the Impacket library to perform an SMB relay attack. The script is failing to capture NTLM hashes from target machines. Which part of the script is MOST likely misconfigured?

A penetration tester is using Burp Suite to test a web application. The tester notices that the application relies on client-side JavaScript validation to restrict input. To bypass this validation and test for server-side vulnerabilities, which Burp Suite feature is MOST useful for automatically modifying requests before they are sent to the server?

A penetration tester is writing a Bash script to enumerate users from the /etc/passwd file on a compromised Linux system. Which command will efficiently print only the usernames?

Question 13 · medium · multiple choice

A penetration tester is analyzing a Python script that uses the 'paramiko' library to automate SSH key-based authentication across multiple servers. The script fails with 'AuthenticationException' for some servers that the tester is certain have the correct private key configured. Which of the following is the most likely cause of this failure?

A penetration tester is writing a return-oriented programming (ROP) exploit for a Linux binary to bypass Data Execution Prevention (DEP). The binary has DEP enabled, but the tester identifies a gadget in a dynamically linked library that is not affected by ASLR. Which condition must be true for the ROP chain to succeed?

A penetration tester is using Burp Suite to intercept and modify HTTP traffic. When browsing to an HTTPS site, the tester observes that the requests are encrypted and not being intercepted by Burp. Which configuration step is most likely missing?

A penetration tester wants to quickly capture and analyze network packets during an internal test to identify unencrypted protocols. Which command-line tool is commonly used for packet capture on Linux?

A penetration tester is using an Nmap NSE script to enumerate SMB shares on a target Windows server. The script runs without errors but returns no shares, even though the server has shares configured. Which is the MOST likely cause?

A penetration tester has obtained a dump of NTLM password hashes from a Windows Domain Controller. The tester wants to crack these hashes as quickly as possible using GPU acceleration. Which tool is the BEST choice for this task?

A penetration tester is writing a Bash script to automate the extraction of password hashes from a Windows system after gaining SYSTEM-level access. The script uses 'reg.exe' to save the SAM and SYSTEM hives. Which command should the tester include in the script to export the SAM hive to a file?

A penetration tester wants to quickly identify the listening services on a target Linux server without performing a full port scan. The tester has obtained an unauthenticated shell as a low-privileged user. Which built-in command is most likely available on a modern Linux distribution to list all listening TCP sockets?

Frequently asked questions

What does the PT0-002 exam test about Tools and Code Analysis?
Tools and Code Analysis questions on this certification test your ability to deploy and manage tools and code analysis concepts in scenario-based situations.

How should I use these practice questions?
Select your answer before revealing the explanation. Then read why each option is right or wrong — this active recall approach builds retention far faster than re-reading notes.

Can I practise just Tools and Code Analysis questions in a focused session?
Yes — the session launcher on this page draws every question from the Tools and Code Analysis domain. Use a 10-question session first to gauge your baseline, then move to 20 or 30 once the weak spots are clear.

Where can I practise other PT0-002 topics?
Use the topic links above to move to related areas, or go back to the PT0-002 question bank to see all topics.

Are these real exam questions or dumps?
These are original practice questions written to test the same concepts the PT0-002 exam covers. They are not copied from any real exam or dump site.