Summer Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: buysanta

Exact2Pass Menu

CompTIA PenTest+ Exam

Last Update 10 hours ago Total Questions : 336

The CompTIA PenTest+ Exam content is now fully updated, with all current exam questions added 10 hours ago. Deciding to include PT0-003 practice exam questions in your study plan goes far beyond basic test preparation.

You'll find that our PT0-003 exam questions frequently feature detailed scenarios and practical problem-solving exercises that directly mirror industry challenges. Engaging with these PT0-003 sample sets allows you to effectively manage your time and pace yourself, giving you the ability to finish any CompTIA PenTest+ Exam practice test comfortably within the allotted time.

Question # 81

A client recently hired a penetration testing firm to conduct an assessment of their consumer-facing web application. Several days into the assessment, the client ' s networking team observes a substantial increase in DNS traffic. Which of the following would most likely explain the increase in DNS traffic?

A.

Covert data exfiltration

B.

URL spidering

C.

HTML scrapping

D.

DoS attack

Question # 82

A penetration tester obtains a regular domain user ' s set of credentials. The tester wants to attempt a dictionary attack by creating a custom word list based on the Active Directory password policy. Which of the following tools should the penetration tester use to retrieve the password policy?

A.

Responder

B.

CrackMapExec

C.

Hydra

D.

msfvenom

Question # 83

A penetration tester established an initial compromise on a host. The tester wants to pivot to other targets and set up an appropriate relay. The tester needs to enumerate through the compromised host as a relay from the tester ' s machine. Which of the following commands should the tester use to do this task from the tester ' s host?

A.

attacker_host$ nmap -sT < target_cidr > | nc -n < compromised_host > 22

B.

attacker_host$ mknod backpipe p attacker_host$ nc -l -p 8000 | 0 < backpipe | nc < target_cidr > 80 | tee backpipe

C.

attacker_host$ nc -nlp 8000 | nc -n < target_cidr > attacker_host$ nmap -sT 127.0.0.1 8000

D.

attacker_host$ proxychains nmap -sT < target_cidr >

Question # 84

Which of the following is the most efficient way to exfiltrate a file containing data that could be sensitive?

A.

Use steganography and send the file over FTP.

B.

Compress the file and send it using TFTP.

C.

Split the file in tiny pieces and send it over dnscat.

D.

Encrypt and send the file over HTTPS.

Question # 85

Which of the following is a reason to use a template when creating a penetration testing report?

A.

To articulate risks accurately

B.

To enhance the testing approach

C.

To contextualize collected data

D.

To standardize needed information

E.

To improve testing time

Question # 86

A company that uses an insecure corporate wireless network is concerned about security. Which of the following is the most likely tool a penetration tester could use to obtain initial access?

A.

Responder

B.

Metasploit

C.

Netcat

D.

Nmap

Question # 87

A penetration tester must identify vulnerabilities within an ICS (Industrial Control System) that is not connected to the internet or enterprise network. Which of the following should the tester utilize to conduct the testing?

A.

Channel scanning

B.

Stealth scans

C.

Source code analysis

D.

Manual assessment

Question # 88

A penetration tester reviews a SAST vulnerability scan report. The following lines of code have been reported as vulnerable:

Issue 40 of 126

Language: Java

Severity: Medium

Call:

try {

// ...

} catch (SomeException e) {

e.printStackTrace();

}

Which of the following is the best method to remediate this vulnerability?

A.

Implementing a logging framework

B.

Removing the five code lines reported with issues

C.

Initiating a secure coding-awareness program with all the developers

D.

Documenting the vulnerability as a false positive

Question # 89

During a penetration test, the tester gains full access to the application ' s source code. The application repository includes thousands of code files. Given that the assessment timeline is very short, which of the following approaches would allow the tester to identify hard-coded credentials most effectively?

A.

Run TruffleHog against a local clone of the application

B.

Scan the live web application using Nikto

C.

Perform a manual code review of the Git repository

D.

Use SCA software to scan the application source code

Question # 90

A penetration tester establishes a remote session to a host and receives the following prompt: rpcclient . Which of the following is the tester most likely able to do?

A.

Query local users on the system.

B.

Obtain SAM database password hashes.

C.

Enumerate session tokens.

D.

Change the Resultant Set of Group Policy applied in AD.

Go to page: