PT0-001 Exam Details

  • Exam Code
    :PT0-001
  • Exam Name
    :CompTIA PenTest+
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :306 Q&As
  • Last Updated
    :Apr 01, 2024

CompTIA PT0-001 Online Questions & Answers

  • Question 121:

    A security consultant receives a document outlining the scope of an upcoming penetration test. This document contains IP addresses and times that each can be scanned. Which of the following would contain this information?

    A. Rules of engagement
    B. Request for proposal
    C. Master service agreement
    D. Business impact analysis

  • Question 122:

    If a security consultant comes across a password hash that resembles the following

    b117 525b3454 7Oc29ca3dBaeOb556ba8

    Which of the following formats is the correct hash type?

    A. Kerberos
    B. NetNTLMvl
    C. NTLM
    D. SHA-1

  • Question 123:

    A penetration tester has successfully exploited a Windows host with low privileges and found directories with the following permissions:

    Which of the following should be performed to escalate the privileges?

    A. Kerberoasting
    B. Retrieval of the SAM database
    C. Migration of the shell to another process
    D. Writable services

  • Question 124:

    A senior employee received a suspicious email from another executive requesting an urgent wire transfer. Which of the following types of attacks is likely occurring?

    A. Spear phishing
    B. Business email compromise
    C. Vishing
    D. Whaling

  • Question 125:

    A client gives a penetration tester a /8 network range to scan during a week-long engagement. Which of the following tools would BEST complete this task quickly?

    A. Massscan
    B. Nmap
    C. Angry IP scanner
    D. Unicorn scan

  • Question 126:

    A penetration tester is performing an annual security assessment for a repeat client The tester finds indicators of previous compromise Which of the following would be the most logical steps to follow NEXT?

    A. Report the incident to the tester's immediate manager and follow up with the client immediately
    B. Report the incident to the clients Chief Information Security Officer (CISO) immediately and alter the terms of engagement accordingly
    C. Report the incident to the client's legal department and then follow up with the client's security operations team
    D. Make note of the anomaly, continue with the penetration testing and detail it in the final report

  • Question 127:

    SIMULATION

    You are a penetration tester running port scans on a server.

    INSTRUCTIONS

    Part1: Given the output, construct the command that was used to generate this output from the available options.

    Part2: Once the command is appropriately constructed, use the given output to identify the potential attack vectors that should be investigated further.

    If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

    Part1

    Part2

    Correct Answer. See explanation below.

  • Question 128:

    An internal network penetration test is conducted against a network that is protected by an unknown NAC system In an effort to bypass the NAC restrictions the penetration tester spoofs the MAC address and hostname of an authorized system Which of the following devices if impersonated would be MOST likely to provide the tester with network access?

    A. Network-attached printer
    B. Power-over-Ethernet injector
    C. User workstation
    D. Wireless router

  • Question 129:

    Which of the following should a penetration tester verify prior to testing the login and permissions management for a web application that is protected by a CDN-based WAF?

    A. If an NDA is signed with the CDN company
    B. If the SSL certificates for the web application are valid
    C. If a list of the applicable WAF rules was obtained
    D. If the IP addresses for the penetration tester are whitelisted on the WAF

  • Question 130:

    A penetration tester is reviewing the following output from a wireless sniffer:

    Which of the following can be extrapolated from the above information?

    A. Hardware vendor
    B. Channel interference
    C. Usernames
    D. Key strength

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your PT0-001 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.