CompTIA's PT0-003 During a red-team exercise, a penetration tester obtains an employee's access badge. The tester uses the badge's information to create a duplicate for unauthorized entry. Which of the following best describes this action?
#61
Answer: C
CompTIA's PT0-003 During an engagement, a penetration tester needs to break the key for the Wi-Fi network that uses WPA2 encryption. Which of the following attacks would accomplish this objective?
#62
Answer: D
CompTIA's PT0-003 A penetration tester is researching a path to escalate privileges. While enumerating current user privileges, the tester observes the following output: Which of the following privileges should the tester use to achieve the goal?
#63
Answer: A
CompTIA's PT0-003 During a routine penetration test, the client's security team observes logging alerts that indicate several ID badges were reprinted after working hours without the appropriate authorization. Which of the following is the penetration tester most likely trying to do?
#64
Answer: A
CompTIA's PT0-003 As part of an engagement, a penetration tester wants to maintain access to a compromised system after rebooting. Which of the following techniques would be best for the tester to use?
#65
Answer: C
CompTIA's PT0-003 A penetration tester needs to scan a remote infrastructure with Nmap. The tester issues the following command:
nmap 10.10.1.0/24
Which of the following is the number of TCP ports that will be scanned?
#66
Answer: B
CompTIA's PT0-003 During an assessment, a penetration tester gains access to one of the internal hosts. Given the following command:
schtasks /create /tn "Windows Update" /sc onlogon /tr "cmd.exe /c update.exe"
Which of the following is the penetration tester trying to do with this code?
#67
Answer: B
CompTIA's PT0-003 Given the following statements:
Implement a web application firewall.
Upgrade end-of-life operating systems.
Implement a secure software development life cycle.
In which of the following sections of a penetration test report would the above statements be found?
#68
Answer: D
CompTIA's PT0-003 Which of the following is within the scope of proper handling and most crucial when working on a penetration testing report?
#69
Answer: D
CompTIA's PT0-003 A penetration tester aims to exploit a vulnerability in a wireless network that lacks proper encryption. The lack of proper encryption allows malicious content to infiltrate the network. Which of the following techniques would most likely achieve the goal?
#70
Answer: A
CompTIA's PT0-003 A penetration tester gains initial access to an endpoint and needs to execute a payload to obtain additional access. Which of the following commands should the penetration tester use?
#71
Answer: D
CompTIA's PT0-003 A penetration tester obtains password dumps associated with the target and identifies strict lockout policies. The tester does not want to lock out accounts when attempting access. Which of the following techniques should the tester use?
#72
Answer: A
CompTIA's PT0-003 A penetration tester obtains the following output during an Nmap scan: Which of the following should be the next step for the tester?
#73
Answer: B
CompTIA's PT0-003 A penetration tester has been asked to conduct a blind web application test against a customer's corporate website. Which of the following tools would be best suited to perform this assessment?
#74
Answer: A
CompTIA's PT0-003 A tester enumerated a firewall policy and now needs to stage and exfiltrate data captured from the engagement. Given the following firewall policy: Which of the following commands should the tester try next?
#75
Answer: A
CompTIA's PT0-003 Which of the following post-exploitation activities allows a penetration tester to maintain persistent access in a compromised system?
#76
Answer: A
CompTIA's PT0-003 A penetration tester compromises a Windows OS endpoint that is joined to an Active Directory local environment. Which of the following tools should the tester use to manipulate authentication mechanisms to move laterally in the network?
#77
Answer: A
CompTIA's PT0-003 A penetration tester identifies the following open ports during a network enumeration scan: Which of the following commands did the tester use to get this output?
#78
Answer: D
CompTIA's PT0-003 A penetration tester conducts reconnaissance for a client's network and identifies the following system of interest: The tester notices numerous open ports on the system of interest. Which of the following best describes this system?
#79
Answer: A
CompTIA's PT0-003 A penetration tester gains initial access to a target system by exploiting a recent RCE vulnerability. The patch for the vulnerability will be deployed at the end of the week. Which of the following utilities would allow the tester to reenter the system remotely after the patch has been deployed? (Choose two.) E. sc.exe F. netsh.exe
#80
Answer: A
CompTIA's PT0-003 A tester runs an Nmap scan against a Windows server and receives the following results: Which of the following TCP ports should be prioritized for using hash-based relays?
#81
Answer: C
CompTIA's PT0-003 During an assessment, a penetration tester compromises some machines but finds that none of the accounts have sufficient access to the target HR database server. In order to enumerate accounts with sufficient permissions, the tester wants to model an attack path before taking further action. Which of the following tools should the tester use to meet this objective? E. TruffleHog
#82
Answer: D
CompTIA's PT0-003 A penetration tester plans to conduct reconnaissance during an engagement using readily available resources. Which of the following resources would most likely identify hardware and software being utilized by the client?
#83
Answer: D
CompTIA's PT0-003 A company wants to perform a BAS to measure the efficiency of the corporate security controls. Which of the following would most likely help the tester with simple command examples?
#84
Answer: C
CompTIA's PT0-003 A penetration tester is conducting an assessment of a web application's log-in page. The tester needs to determine whether there are any hidden form fields of interest. Which of the following is the most effective technique?
#85
Answer: D
CompTIA's PT0-003 A penetration tester finds it is possible to downgrade a web application's HTTPS connections to HTTP while performing on-path attacks on the local network. The tester reviews the output of the server response to curl -s -I https://internalapp/.
HTTP/2 302
date: Thu, 11 Jan 2024 15:56:24 GMT
content-type: text/html; charset=iso-8859-1
location: /login
x-content-type-options: nosniff
server: Prod
Which of the following recommendations should the penetration tester include in the report?
#86
Answer: A
CompTIA's PT0-003 Which of the following can an access control vestibule help deter?
#87
Answer: D
CompTIA's PT0-003 Which of the following is the most efficient way to exfiltrate a file containing data that could be sensitive?
#88
Answer: D
CompTIA's PT0-003 A penetration tester has discovered sensitive files on a system. Assuming exfiltration of the files is part of the scope of the test, which of the following is most likely to evade DLP systems?
#89
Answer: A
CompTIA's PT0-003 A penetration tester is testing a power plant's network and needs to avoid disruption to the grid. Which of the following methods is most appropriate to identify vulnerabilities in the network?