PT0-001 Exam Details

  • Exam Code
    :PT0-001
  • Exam Name
    :CompTIA PenTest+
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :306 Q&As
  • Last Updated
    :Apr 01, 2024

CompTIA PT0-001 Online Questions & Answers

  • Question 101:

    An individual has been hired by an organization after passing a background check. The individual has been passing information to a competitor over a period of time. Which of the following classifications BEST describes the individual?

    A. APT B. Insider threat
    C. Script kiddie
    D. Hacktivist

  • Question 102:

    An email sent from the Chief Executive Officer (CEO) to the Chief Financial Officer (CFO) states a wire transfer is needed to pay a new vendor. Neither is aware of the vendor, and the CEO denies ever sending the email. Which of the following types of motivation was used m this attack?

    A. Principle of fear
    B. Principle of authority
    C. Principle of scarcity
    D. Principle of likeness
    E. Principle of social proof

  • Question 103:

    While engaging clients for a penetration test from highly regulated industries, which of the following is usually the MOST important to the clients from a business perspective?

    A. Letter of engagement and attestation of findings
    B. NDA and MSA
    C. SOW and final report
    D. Risk summary and executive summary

  • Question 104:

    The following command is run on a Linux file system:

    Chmod 4111 /usr/bin/sudo

    Which of the following issues may be exploited now?

    A. Kernel vulnerabilities
    B. Sticky bits
    C. Unquoted service path
    D. Misconfigured sudo

  • Question 105:

    When performing active information reconnaissance, which of the following should be tested FIRST before starting the exploitation process?

    A. SQLmap
    B. TLS configuration
    C. HTTP verbs
    D. Input fields

  • Question 106:

    A penetration tester is performing a validation scan after an organization remediated a vulnerability on port 443 The penetration tester observes the following output: Which of the following has MOST likely occurred?

    A. The scan results were a false positive.
    B. The IPS is blocking traffic to port 443
    C. A mismatched firewall rule is blocking 443.
    D. The organization moved services to port 8443

  • Question 107:

    An organization has requested that a penetration test be performed to determine if it is possible for an attacker to gain a foothold on the organization's server segment. During the assessment, the penetration tester identifies tools that appear to have been left behind by a prior attack. Which of the following actions should the penetration tester take?

    A. Attempt to use the remnant tools to achieve persistence.
    B. Document the presence of the left-behind tools in the report and proceed with the test.
    C. Remove the tools from the affected systems before continuing on with the test.
    D. Discontinue further testing and report the situation to management.

  • Question 108:

    A penetration tester is performing ARP spoofing against a switch. Which of the following should the penetration tester spoof to get the MOST information?

    A. MAC address of the client
    B. MAC address of the domain controller
    C. MAC address of the web server
    D. MAC address of the gateway

  • Question 109:

    After an Nmap NSE scan, a security consultant is seeing inconsistent results while scanning a host. Which of the following is the MOST likely cause?

    A. Services are not listening
    B. The network administrator shut down services
    C. The host was not reachable
    D. A firewall/IPS blocked the scan

  • Question 110:

    A client has requested an external network penetration test for compliance purposes. During discussion between the client and the penetration tester, the client expresses unwillingness to add the penetration tester's source IP addresses to the client's IPS whitelist for the duration of the test. Which of the following is the BEST argument as to why the penetration tester's source IP addresses should be whitelisted?

    A. Whitelisting prevents a possible inadvertent DoS attack against the IPS and supporting log-monitoring systems.
    B. Penetration testing of third-party IPS systems often requires additional documentation and authorizations; potentially delaying the time-sensitive test.
    C. IPS whitelisting rules require frequent updates to stay current, constantly developing vulnerabilities and newly discovered weaknesses.
    D. Testing should focus on the discovery of possible security issues across all in-scope systems, not on determining the relative effectiveness of active defenses such as an IPS.

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your PT0-001 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.