Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 65pass65

PT0-003 CompTIA PenTest+ Exam is now Stable and With Pass Result | Test Your Knowledge for Free

Exams4sure Dumps

PT0-003 Practice Questions

CompTIA PenTest+ Exam

Last Update 3 days ago
Total Questions : 336

Dive into our fully updated and stable PT0-003 practice test platform, featuring all the latest PenTest+ exam questions added this week. Our preparation tool is more than just a CompTIA study aid; it's a strategic advantage.

Our free PenTest+ practice questions crafted to reflect the domains and difficulty of the actual exam. The detailed rationales explain the 'why' behind each answer, reinforcing key concepts about PT0-003. Use this test to pinpoint which areas you need to focus your study on.

PT0-003 PDF

PT0-003 PDF (Printable)
$54.25
$154.99

PT0-003 Testing Engine

PT0-003 PDF (Printable)
$59.5
$169.99

PT0-003 PDF + Testing Engine

PT0-003 PDF (Printable)
$74.55
$212.99
Question # 41

A penetration testing team wants to conduct DNS lookups for a set of targets provided by the client. The team crafts a Bash script for this task. However, they find a minor error in one line of the script:

1 #!/bin/bash

2 for i in $(cat example.txt); do

3 curl $i

4 done

Which of the following changes should the team make to line 3 of the script?

Options:

A.  

resolvconf $i

B.  

rndc $i

C.  

systemd-resolve $i

D.  

host $i

Discussion 0
Question # 42

With one day left to complete the testing phase of an engagement, a penetration tester obtains the following results from an Nmap scan:

Not shown: 1670 closed ports

PORT STATE SERVICE VERSION

80/tcp open http Apache httpd 2.2.3 (CentOS)

3306/tcp open mysql MySQL (unauthorized)

8888/tcp open http lighttpd 1.4.32

Which of the following tools should the tester use to quickly identify a potential attack path?

Options:

A.  

msfvenom

B.  

SearchSploit

C.  

sqlmap

D.  

BeEF

Discussion 0
Question # 43

During wireless testing, a penetration tester observes the following customer APs and configurations:

SSID / Configuration

AP1 – WPA3

AP2 – WPA3

AP3 – WPA2

AP4 – WPA3

Which of the following attacks can the tester use only against AP3?

Options:

A.  

Brute force

B.  

Signal jamming

C.  

Evil twin

D.  

Deauthentication

Discussion 0
Question # 44

A tester is finishing an engagement and needs to ensure that artifacts resulting from the test are safely handled. Which of the following is the best procedure for maintaining client data privacy?

Options:

A.  

Remove configuration changes and any tools deployed to compromised systems.

B.  

Securely destroy or remove all engagement-related data from testing systems.

C.  

Search through configuration files changed for sensitive credentials and remove them.

D.  

Shut down C2 and attacker infrastructure on premises and in the cloud.

Discussion 0
Question # 45

A penetration tester needs to collect information over the network for further steps in an internal assessment. Which of the following would most likely accomplish this goal?

Options:

A.  

ntlmrelayx.py -t 192.168.1.0/24 -1 1234

B.  

nc -tulpn 1234 192.168.1.2

C.  

responder.py -I eth0 -wP

D.  

crackmapexec smb 192.168.1.0/24

Discussion 0
Question # 46

A penetration tester completes a scan and sees the following Nmap output on a host:

Nmap scan report for victim (10.10.10.10)

Host is up (0.0001s latency)

PORT STATE SERVICE

161/udp open snmp

445/tcp open microsoft-ds

3389/tcp open ms-wbt-server

Running Microsoft Windows 7

OS CPE: cpe:/o:microsoft:windows_7::sp0

The tester wants to obtain shell access. Which of the following related exploits should the tester try first?

Options:

A.  

exploit/windows/smb/psexec

B.  

exploit/windows/smb/ms08_067_netapi

C.  

exploit/windows/smb/ms17_010_eternalblue

D.  

auxiliary/scanner/snmp/snmp_login

Discussion 0
Question # 47

A penetration tester conducts reconnaissance for a client ' s network and identifies the following system of interest:

$ nmap -A AppServer1.compita.org

Starting Nmap 7.80 (2023-01-14) on localhost (127.0.0.1) at 2023-08-04 15:32:27

Nmap scan report for AppServer1.compita.org (192.168.1.100)

Host is up (0.001s latency).

Not shown: 999 closed ports

Port State Service

21/tcp open ftp

22/tcp open ssh

23/tcp open telnet

80/tcp open http

135/tcp open msrpc

139/tcp open netbios-ssn

443/tcp open https

445/tcp open microsoft-ds

873/tcp open rsync

8080/tcp open http-proxy

8443/tcp open https-alt

9090/tcp open zeus-admin

10000/tcp open snet-sensor-mgmt

The tester notices numerous open ports on the system of interest. Which of the following best describes this system?

Options:

A.  

A honeypot

B.  

A Windows endpoint

C.  

A Linux server

D.  

An already-compromised system

Discussion 0
Question # 48

A penetration tester is performing an assessment focused on attacking the authentication identity provider hosted within a cloud provider. During the reconnaissance phase, the tester finds that the system is using OpenID Connect with OAuth and has dynamic registration enabled. Which of the following attacks should the tester try first?

Options:

A.  

A password-spraying attack against the authentication system

B.  

A brute-force attack against the authentication system

C.  

A replay attack against the authentication flow in the system

D.  

A mask attack against the authentication system

Discussion 0
Question # 49

A penetration tester is working on a security assessment of a mobile application that was developed in-house for local use by a hospital. The hospital and its customers are very concerned about disclosure of information. Which of the following tasks should the penetration tester do first?

Options:

A.  

Set up Drozer in order to manipulate and scan the application.

B.  

Run the application through the mobile application security framework.

C.  

Connect Frida to analyze the application at runtime to look for data leaks.

D.  

Load the application on client-owned devices for testing.

Discussion 0
Question # 50

During a security assessment, a penetration tester uses a tool to capture plaintext log-in credentials on the communication between a user and an authentication system. The tester wants to use this information for further unauthorized access. Which of the following tools is the tester using?

Options:

A.  

Burp Suite

B.  

Wireshark

C.  

Zed Attack Proxy

D.  

Metasploit

Discussion 0
Get PT0-003 dumps and pass your exam in 24 hours!

Free Exams Sample Questions