PT0-001 Exam Details

  • Exam Code
    :PT0-001
  • Exam Name
    :CompTIA PenTest+
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :306 Q&As
  • Last Updated
    :Apr 01, 2024

CompTIA PT0-001 Online Questions & Answers

  • Question 41:

    A client needs to be PCI compliant and has external-facing web servers. Which of the following CVSS vulnerability scores would automatically bring the client out of compliance standards such as PCI 3.x?

    A. 2.9
    B. 3.0
    C. 4.0
    D. 5.9

  • Question 42:

    Which of the following BEST explains why it is important to maintain confidentiality of any identified findings when performing a penetration test?

    A. Penetration test findings often contain company intellectual property
    B. Penetration test findings could lead to consumer dissatisfaction if made pubic
    C. Penetration test findings are legal documents containing privileged information
    D. Penetration test findings can assist an attacker in compromising a system

  • Question 43:

    During post-exploitation, a tester identifies that only system binaries will pass an egress filter and store a file with the following command:

    c:

    \creditcards.db>c:\winit\system32\calc.exe:creditcards.db

    Which of the following file system vulnerabilities does this command take advantage of?

    A. Hierarchical file system
    B. Alternate data streams
    C. Backdoor success
    D. Extended file system

  • Question 44:

    Which of the following types of intrusion techniques is the use of an "under-the-door tool" during a physical security assessment an example of?

    A. Lockpicking
    B. Egress sensor triggering
    C. Lock bumping
    D. Lock bypass

  • Question 45:

    Which of the following excerpts would come from a corporate policy?

    A. Employee passwords must contain a minimum of eight characters, with one being alphanumeric.
    B. The help desk can be reached at 800-passwd1 to perform password resets.
    C. Employees must use strong passwords for accessing corporate assets.
    D. The corporate systems must store passwords using the MD5 hashing algorithm.

  • Question 46:

    A consultant wants to scan all the TCP ports on an identified device. Which of the following Nmap switches will complete this task?

    A. -p-
    B. -p ALX,
    C. -p 1-65534
    D. -port 1-65534

  • Question 47:

    A penetration tester delivers a web application vulnerability scan report to a client. The penetration tester rates a vulnerability as medium severity. The same vulnerability was reported as a critical severity finding on the previous report.

    Which of the following is the MOST likely reason for the reduced severity?

    A. The client has applied a hot fix without updating the version.
    B. The threat landscape has significantly changed.
    C. The client has updated their codebase with new features.
    D. Thera are currently no known exploits for this vulnerability.

  • Question 48:

    A penetration tester is performing a remote scan to determine if the server farm is compliant with the company's software baseline . Which of the following should the penetration tester perform to verify compliance with the baseline?

    A. Discovery scan
    B. Stealth scan
    C. Full scan
    D. Credentialed scan

  • Question 49:

    While trying to maintain persistence on a Windows system with limited privileges, which of the following registry keys should the tester use?

    A. HKEY_CLASSES_ROOT
    B. HKEY_LOCAL_MACHINE
    C. HKEY_CURRENT_USER
    D. HKEY_CURRENT_CONFIG

  • Question 50:

    Given the following script:

    Which of the following BEST describes the purpose of this script?

    A. Log collection
    B. Event logging
    C. Keystroke monitoring
    D. Debug message collection

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your PT0-001 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.