CompTIA PT0-003 Online Practice Questions and Exam Preparation

CompTIA PT0-003 Online Questions & Answers

• Question 401:

  A penetration tester discovered that a client uses cloud mail as the company's email system. During the penetration test, the tester set up a fake cloud mail login page and sent all company employees an email that stated their inboxes were full and directed them to the fake login page to remedy the issue.

  Which of the following BEST describes this attack?

  A. Credential harvesting
  B. Privilege escalation
  C. Password spraying
  D. Domain record abuse
  A. Credential harvesting

  ---

  Explanation

  Credential harvesting is a type of attack that aims to collect usernames and passwords from unsuspecting users by tricking them into entering their credentials on a fake or spoofed website. Credential harvesting can be done by using phishing emails that lure users to click on malicious links or attachments that redirect them to the fake website. The fake website may look identical or similar to the legitimate one, but it will capture and store the user's credentials for later use by the attacker. In this case, the penetration tester set up a fake cloud mail login page and sent phishing emails to all company employees to harvest their credentials.

• Question 402:

  In a cloud environment, a security team discovers that an attacker accessed confidential information that was used to configure virtual machines during their initialization.

  Through which of the following features could this information have been accessed?

  A. IAM
  B. Block storage
  C. Virtual private cloud
  D. Metadata services
  D. Metadata services

  ---

  Explanation

  In a cloud environment, the information used to configure virtual machines during their initialization could have been accessed through metadata services.

  Metadata Services:

  Definition: Cloud service providers offer metadata services that provide information about the running instance, such as instance ID, hostname, network configurations, and user data.

  Access: These services are accessible from within the virtual machine and often include sensitive information used during the initialization and configuration of the VM.

  Other Features:

  IAM (Identity and Access Management): Manages permissions and access to resources but does not directly expose initialization data.

  Block Storage: Provides persistent storage but does not directly expose initialization data.

  Virtual Private Cloud (VPC): Provides network isolation for cloud resources but does not directly expose initialization data.

  References:

  Cloud Security: Understanding how metadata services work and the potential risks associated with them is crucial for securing cloud environments.

  Exploitation: Metadata services can be exploited to retrieve sensitive data if not properly secured.

  By accessing metadata services, an attacker can retrieve sensitive configuration information used during VM initialization, which can lead to further exploitation.

• Question 403:

  A penetration tester has just started a new engagement. The tester is using a framework that breaks the life cycle into 14 components.

  Which of the following frameworks is the tester using?

  A. OWASP MASVS
  B. OSSTMM
  C. MITRE ATT&CK
  D. CREST
  B. OSSTMM

  ---

  Explanation

  The OSSTMM (Open Source Security Testing Methodology Manual) is a comprehensive framework for security testing that includes 14 components in its life cycle. Here's why option B is correct:

  OSSTMM: This methodology breaks down the security testing process into 14 components, covering various aspects of security assessment, from planning to execution and reporting.

  OWASP MASVS: This is a framework for mobile application security verification and does not have a 14- component life cycle.

  MITRE ATT&CK: This is a knowledge base of adversary tactics and techniques but does not describe a 14- component life cycle.

  CREST: This is a certification body for penetration testers and security professionals but does not provide a specific 14-component framework.

  References from Pentest:

  Anubis HTB: Emphasizes the structured approach of OSSTMM in conducting comprehensive security assessments.

  Writeup HTB: Highlights the use of detailed methodologies like OSSTMM to cover all aspects of security testing.

  Conclusion:

  Option B, OSSTMM, is the framework that breaks the life cycle into 14 components, making it the correct answer.

• Question 404:

  A penetration tester is working on a security assessment of a mobile application that was developed in-house for local use by a hospital. The hospital and its customers are very concerned about disclosure of information.

  Which of the following tasks should the penetration tester do first?

  A. Set up Drozer in order to manipulate and scan the application.
  B. Run the application through the mobile application security framework.
  C. Connect Frida to analyze the application at runtime to look for data leaks.
  D. Load the application on client-owned devices for testing.
  B. Run the application through the mobile application security framework.

  ---

  Explanation

  When performing a security assessment on a mobile application, especially one concerned with information disclosure, it is crucial to follow a structured approach to identify vulnerabilities comprehensively. Here's why option B is correct:

  Mobile Application Security Framework: This framework provides a structured methodology for assessing the security of mobile applications. It includes various tests such as static analysis, dynamic analysis, and reverse engineering, which are essential for identifying vulnerabilities related to information disclosure.

  Initial Steps: Running the application through a security framework allows the tester to identify a broad range of potential issues systematically. This initial step ensures that all aspects of the application's security are covered before delving into more specific tools like Drozer or Frida.

  References from Pentest:

  Writeup HTB: Demonstrates the use of structured methodologies to ensure comprehensive coverage of security assessments.

  Horizontall HTB: Emphasizes the importance of following a structured approach to identify and address security issues.