What is the vendor of the CompTIA PenTest+ exam?
CompTIA
What is the exam code for CompTIA PenTest+?
PT0-003
What is the name of the exam with code PT0-003?
CompTIA PenTest+
What is the level of the CompTIA PenTest+ exam?
EXPERT
What is included in the CompTIA PenTest+ exam description?
Pending Verification
In Progress
✔Verified
Not Verified
What does the verified checkmark indicate in the CompTIA PenTest+ exam description?
It indicates that the exam is verified.
What is depicted in the image related to CompTIA PenTest+?
A yellow hexagon with the word EXPERT and checkmarks.
Which tool should a penetration tester use to send a specific network packet with custom flags?
Bluecrack
tcprelay
tcpdump
Scapy
Why would a tester use DREAD over PTES during planning?
The tester is evaluating a thick client application.
The tester is creating a threat model.
The tester is assessing a mobile application.
The tester is conducting a web application test.
What should a penetration tester use to identify vulnerable open-source libraries?
SCA
IAST
DAST
VM
What should be recommended to prevent XML external entity vulnerabilities?
Ensure the requests application access logs are reviewed frequently.
Implement a WAF to filter all incoming requests.
Disable the use of external entities.
Drop all excessive file permissions with chmod o-rwx.
What should a penetration tester do first when developing a phishing campaign for a corporate client that authorized spear phishing?
Social media
Password dumps
Recon-ng
Shoulder surfing
What change is required on line 6 of the provided code snippet for checking URL accessibility?
The condition on line 6
The import on line 1
The method on line 5
The delimiter in line 3
Which attack requires information about an SPN account as a prerequisite?
Kerberoasting
LSASS dumping
Golden Ticket
DCShadow
What is the main purpose of the command 'crackmapexec smb 192.168.1.0/24 -u user.txt -p Summer123@'?
To perform password spraying on internal systems
To perform common protocol scanning within the internal network
To perform a pass-the-hash attack over multiple endpoints within the internal network
To execute a command in multiple endpoints at the same time
What does the provided code snippet do?
It checks the accessibility of URLs from a text file and prints 'URL accessible' if the status is 401.
Which technique should a penetration tester use to disrupt wireless communications for PCs?
ARP poisoning
Sidecar scanning
Channel scanning
Port mirroring
Which command should a tester use to enumerate all corporate domain DNS records?
nslookup local.domain
dig +short A AAAA local.domain
dig axfr @local.dns.server
nslookup -server local.dns.server local.domain *
What technique should a penetration tester use for network reconnaissance without causing detection?
Ping sweeps
Banner grabbing
TCP/UDP scanning
Sniffing
Which tool is used to capture plaintext log-in credentials during a security assessment?
Wireshark
Zed Attack Proxy
Burp Suite
Metasploit
Which command should a tester use to pivot from a compromised host?
attacker_host$ nmap -sT <target_cidr> | nc -n <compromised_host> 22
attacker_host$ nmap -sT 127.0.0.1 8000
attacker_host$ nc -nlp 8000 | nc -n <target_cidr>
attacker_host$ mknod backpipe p attacker_host$ nc -I -p 8000 | 0 <backpipe | nc <target_cidr> 80 | tee backpipe