Free PT0-003 Questions for CompTIA PenTest+ PT0-003 Exam as PDF & Practice Test Engine
During a security audit, a penetration tester wants to exploit a vulnerability in a common network protocol. The protocol allows encrypted communications to be intercepted and manipulated.
Which of the following vulnerabilities should the tester exploit?
Which of the following vulnerabilities should the tester exploit?
Correct Answer: A
Vote an answer
Explanation: Only visible for ExamDiscuss members. You can sign-up / login (it's free).
Which of the following agreement types best describes the methodology and duration conditions of a penetration testing service?
Correct Answer: B
Vote an answer
Explanation: Only visible for ExamDiscuss members. You can sign-up / login (it's free).
A penetration tester attempts to obtain the preshared key for a client's wireless network. Which of the following actions will most likely aid the tester?
Correct Answer: B
Vote an answer
Explanation: Only visible for ExamDiscuss members. You can sign-up / login (it's free).
A company hires a penetration tester to perform an external attack surface review as part of a security engagement. The company informs the tester that the main company domain to investigate is comptia.org. Which of the following should the tester do to accomplish the assessment objective?
Correct Answer: A
Vote an answer
Explanation: Only visible for ExamDiscuss members. You can sign-up / login (it's free).
A penetration testing team wants to conduct DNS lookups for a set of targets provided by the client. The team crafts a Bash script for this task. However, they find a minor error in one line of the script:
1 #!/bin/bash
2 for i in $(cat example.txt); do
3 curl $i
4 done
Which of the following changes should the team make to line 3 of the script?
1 #!/bin/bash
2 for i in $(cat example.txt); do
3 curl $i
4 done
Which of the following changes should the team make to line 3 of the script?
Correct Answer: D
Vote an answer
Explanation: Only visible for ExamDiscuss members. You can sign-up / login (it's free).
During the reconnaissance phase, a penetration tester collected the following information from the DNS records:
A-----> www
A-----> host
TXT --> vpn.comptia.org
SPF---> ip =2.2.2.2
Which of the following DNS records should be in place to avoid phishing attacks using spoofing domain techniques?
A-----> www
A-----> host
TXT --> vpn.comptia.org
SPF---> ip =2.2.2.2
Which of the following DNS records should be in place to avoid phishing attacks using spoofing domain techniques?
Correct Answer: C
Vote an answer
Explanation: Only visible for ExamDiscuss members. You can sign-up / login (it's free).
SIMULATION 3
You are a penetration tester reviewing a client's website through a web browser.
INSTRUCTIONS
Review all components of the website through the browser to determine if vulnerabilities are present.
Remediate ONLY the highest vulnerability from either the certificate, source, or cookies.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.







You are a penetration tester reviewing a client's website through a web browser.
INSTRUCTIONS
Review all components of the website through the browser to determine if vulnerabilities are present.
Remediate ONLY the highest vulnerability from either the certificate, source, or cookies.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.







Correct Answer:
Step 1 - Generate a Certificate Signing Request
Step 2 - Submit CSR to the CA
Step 3 - Install re-issued certificate on the server
Step 4 - Remove Certificate from Server
Step 2 - Submit CSR to the CA
Step 3 - Install re-issued certificate on the server
Step 4 - Remove Certificate from Server
Given the following output snippet that was generated during the reconnaissance phase of a penetration test:

Which of the following line numbers represent the most likely vulnerability to be used by the penetration tester? (Choose two.)

Which of the following line numbers represent the most likely vulnerability to be used by the penetration tester? (Choose two.)
Correct Answer: B,F
Vote an answer
Explanation: Only visible for ExamDiscuss members. You can sign-up / login (it's free).
Which of the following is the part of a penetration test report that contains an explanation about how testing is performed?
Correct Answer: B
Vote an answer
Explanation: Only visible for ExamDiscuss members. You can sign-up / login (it's free).
0
0
0
10
