Exam Details

  • Exam Code: PT0-001
  • Exam Name: CompTIA PenTest+ Exam
  • Certification: CompTIA PenTest+
  • Vendor: CompTIA
  • Total Questions: 306 Q&As
  • Last Updated: Apr 01, 2024

CompTIA PenTest+ PT0-001 Questions & Answers

  • Question 11:

    Joe, a penetration tester, was able to exploit a web application behind a firewall. He is trying to get a reverse shell back to his machine, but the firewall blocks the outgoing traffic. Ports for which of the following should the security consultant use to have the HIGHEST chance to bypass the firewall?

    A. SMB

    B. SMTP

    C. FTP

    D. DNS

  • Question 12:

    Prior to a security assessment of a company's user population via spear phishing, which of the following is the MOST appropriate method to de-escalate any incidents or consequences?

    A. Determine the appropriate format and content of the spear-phishing emails.

    B. Send follow-up communication to spear-phishing targets to notify of the assessment.

    C. Carefully prioritize the list of targeted users, excluding high value targets.

    D. Provide limited but necessary communication prior to the assessment.

  • Question 13:

    A penetration tester is required to report installed shells on compromised systems. Which of the following is the reason?

    A. To allow another security consultant access to the shell

    B. To allow the developer to troubleshoot the vulnerability

    C. To allow the systems administrator to perform the cleanup

    D. To allow the systems administrator to write a rule on the WAF

  • Question 14:

    Which of the following should a penetration tester verify prior to testing the login and permissions management for a web application that is protected by a CDN-based WAF?

    A. If an NDA is signed with the CDN company

    B. If the SSL certificates for the web application are valid

    C. If a list of the applicable WAF rules was obtained

    D. If the IP addresses for the penetration tester are whitelisted on the WAF

  • Question 15:

    Given the following HTTP response:

    http/1.0 200 OK
    Server: Apache
    Set-Cookie: AUTHID=879DHUT74D9A7C; http-only
    Content-type: text/html
    Connection: Close

    Which of the following aspects of an XSS attack would be prevented?

    A. Client-side website defacement

    B. Session hijacking

    C. Cross-site request forgery

    D. JavaScript keylogging

  • Question 16:

    An attacker receives a DHCP address and notices the hostname was populated in the corporate DNS server. Which of the following BEST describes how the attacker can use this information?

    A. VLAN hopping

    B. DCSync operation

    C. Setting custom SRV records

    D. WPAD attack

  • Question 17:

    A penetration tester is asked to scope an external engagement. Which of the following would be a valid target?

    A. 104.45.98.126

    B. 169.254.67.23

    C. 172.16.67.145

    D. 192.168.47.231

  • Question 18:

    A penetration tester reported the following vulnerabilities:

    Which of the following is the correct order to rate the vulnerabilities from critical to low considering the MOST immediate impact?

    A. Unrestricted file upload, stored XSS, SQL injection, verbose server headers

    B. SQL injection, unrestricted file upload, stored XSS, verbose server headers

    C. Verbose server headers, unrestricted file upload, stored XSS, SQL injection

    D. Stored XSS, SQL injection, unrestricted file upload, verbose server headers

  • Question 19:

    During the information gathering phase, a penetration tester discovers a spreadsheet that contains a domain administrator's credentials. In addition, port scanning reveals that TCP port 445 was open on multiple hosts. Which of the following methods would BEST leverage this information?

    A. telnet [target IP] 445

    B. ncat [target IP] 445

    C. nbtstat -a [target IP] 445

    D. psexec [target IP]

  • Question 20:

    A penetration tester discovers SNMP on some targets. Which of the following should the penetration tester try FIRST?

    A. Sniff SNMP traffic.

    B. Use default credentials.

    C. Upload a new config file.

    D. Conduct a MITM.
