Free CompTIA PenTest+ (Plus) PT0-001 Exam Practice Test

A penetration tester locates a few unquoted service paths during an engagement. Which of the following can the tester attempt to do with these?

• Attempt to crack the service account passwords.
  
• Attempt DLL hijacking attacks.
  
• Attempt to locate weak file and folder permissions.
  
• Attempt privilege escalation attacks.
  

A penetration tester has obtained access to an IP network subnet that contains ICS equipment intercommunication. Which of the following attacks is MOST likely to succeed in creating a physical effect?

• DNS cache poisoning
  
• Record and replay
  
• Supervisory server SMB
  
• Blind SQL injection
  

After delivering a draft of a penetration test report, a development team has raised concerns about an issue categorized as 'high.' A cloud storage bucket is configured to allow read access to the public, but writing to objects within the bucket is restricted to authorized users. The bucket contains only publicly available images that can already be found on the application homepage. Which of the following severity levels should the penetration tester consider?

• Critical
  
• Medium
  
• Informational
  
• Low
  

A penetration tester is in the process of writing a report that outlines the overall level of risk to operations. Inwhich of the following areas of the report should the penetration tester put this?

• Appendices
  
• Executive summary
  
• Technical summary
  
• Main body
  

A penetration tester runs the following from a compromised box 'python -c -import pty;Pty.sPawn( '/bin/bash').' Which of the following actions is the tester taking?

• Removing the Bash history
  
• Upgrading the shell
  
• Creating a sandbox
  
• Capturing credentials
  

A web application scanner reports that a website is susceptible to clickjacking. Which of the following techniques would BEST prove exploitability?

• Redirect the user with a CSRF.
  
• Launch the website in an iFRAME.
  
• Pull server headers.
  
• Capture and replay a session ID.
  

A software development team recently migrated to new application software on the on-premises environment Penetration test findings show that multiple vulnerabilities exist If a penetration tester does not have access to a live or test environment, a test might be better to create the same environment on the VM Which of the following is MOST important for confirmation?

• Unsecure service and protocol configuration
  
• Running SMB and SMTP service
  
• Weak password complexity and user account
  
• Misconfiguration
  

A penetration tester is exploiting the use of default public and private community strings Which of the following protocols is being exploited?

• SMTP
  
• DNS
  
• SNMP
  
• HTTP
  

A penetration tester has been asked to conduct OS fingering with Nmap using a company-provided text file that contains a list of IP addresses. Which of the following are needed to conduct this scan? (Choose two.)

• -O
  
• -iL
  
• -sV
  
• -sS
  
• -oN
  
• -oX
  

A penetration tester delivers a web application vulnerability scan report to a client. The penetration tester rates a vulnerability as medium severity. The same vulnerability was reported as a critical severity finding on the previous report. Which of the following is the MOST likely reason for the reduced severity?

• The client has applied a hot fix without updating the version.
  
• The threat landscape has significantly changed.
  
• The client has updated their codebase with new features.
  
• Thera are currently no known exploits for this vulnerability.