PT0-003 Exam Questions
302 real PT0-003 exam questions with expert-verified answers and explanations. Page 3 of 7.
- Question #105: Engagement Management
A penetration tester needs to complete cleanup activities from the testing lead. Which of the following should the tester do to validate that reverse shell payloads are no longer r...
cleanup, post-engagement, reverse shell, implant removal
- Question #106: Reconnaissance and Enumeration
A penetration testing team wants to conduct DNS lookups for a set of targets provided by the client. The team crafts a Bash script for this task. However, they find a minor error i...
DNS lookup, Bash scripting, reconnaissance tools, host command
- Question #107: Vulnerability Discovery and Analysis
A penetration tester needs to test a very large number of URLs for public access. Given the following code snippet: Which of the following changes is required?
scripting, URL validation, web application testing, access control testing
- Question #108: Post-exploitation and Lateral Movement
As part of an engagement, a penetration tester wants to maintain access to a compromised system after rebooting. Which of the following techniques would be best for the tester to u...
persistence, post-exploitation, scheduled tasks
- Question #109: Vulnerability Discovery and Analysis
In a file stored in an unprotected source code repository, a penetration tester discovers the following line of code: sshpass -p donotchange ssh [email protected] Which of the fol...
credential discovery, source code analysis, documentation, vulnerability identification
- Question #110: Attacks and Exploits
During a security assessment for an internal corporate network, a penetration tester wants to gain unauthorized access to internal resources by executing an attack that uses softwa...
rootkit, malware, host-based attack, unauthorized access
- Question #111: Reconnaissance and Enumeration
A penetration tester assesses a complex web application and wants to explore potential security weaknesses by searching for subdomains that might have existed in the past. Which of...
OSINT, subdomain enumeration, Wayback Machine, reconnaissance tools
- Question #112: Vulnerability Discovery and Analysis
During the reconnaissance phase, a penetration tester collected the following information from the DNS records: A-----> www A-----> host TXT --> vpn.comptia.org SPF---> ip =2.2.2.2...
DNS records, phishing prevention, DMARC, email security
- Question #113: Post-exploitation and Lateral Movement
A penetration tester discovers data to stage and exfiltrate. The client has authorized movement to the tester's attacking hosts only. Which of the following would be most appropria...
data exfiltration, covert channels, encryption, network protocols
- Question #114: Post-exploitation and Lateral Movement
A penetration tester gains access to a domain server and wants to enumerate the systems within the domain. Which of the following tools would provide the best oversight of domains?
network enumeration, Nmap, domain discovery, internal reconnaissance
- Question #115: Reconnaissance and Enumeration
A penetration tester plans to conduct reconnaissance during an engagement using readily available resources. Which of the following resources would most likely identify hardware an...
OSINT, reconnaissance, job boards, technology stack identification
- Question #116: Attacks and Exploits
A penetration tester would like to crack a hash using a list of hashes and a predefined set of rules. The tester runs the following command: hashcat.exe -a 0 .\hash.txt .\rockyou.t...
hash cracking, hashcat, dictionary attack, password attacks
- Question #117: Attacks and Exploits
During a REST API security assessment, a penetration tester was able to sniff JSON content containing user credentials. The JSON structure was as follows: < transaction_id: "1234S6...
JSON parsing, Python, API security, data extraction
- Question #118: Vulnerability Discovery and Analysis
A vulnerability assessor is looking to establish a baseline of all IPv4 network traffic on the local VLAN without a local IP address. Which of the following Nmap command sequences...
Nmap, network scanning, vulnerability assessment, traffic analysis
- Question #119: Vulnerability Discovery and Analysis
An organization is using Android mobile devices but does not use MDM services. Which of the following describes an existing risk present in this scenario?
MDM, mobile security, Android security, risk assessment
- Question #120: Reconnaissance and Enumeration
A penetration tester is conducting an assessment on a web application. Which of the following active reconnaissance techniques would be best for the tester to use to gather additio...
web application security, reconnaissance, interception proxy, Burp Suite
- Question #121: Post-exploitation and Lateral Movement
A penetration tester exploits a vulnerable service to gain a shell on a target server. The tester receives the following: Directory of C:\Users\Guest 05/13/2022 09:23 PM mimikatz.e...
post-exploitation, Mimikatz, indicators of compromise, forensics
- Question #122: Vulnerability Discovery and Analysis
During a penetration test of a server application, a security consultant found that the application randomly crashed or remained stable after opening several simultaneous connectio...
vulnerability analysis, debugging, race conditions, exploit development
- Question #123: Vulnerability Discovery and Analysis
A tester performs a vulnerability scan and identifies several outdated libraries used within the customer SaaS product offering. Which of the following types of scans did the teste...
vulnerability scanning, SBOM, software composition analysis, outdated libraries
- Question #124: Vulnerability Discovery and Analysis
A penetration tester performs an assessment on the target company's Kubernetes cluster using kube-hunter. Which of the following types of vulnerabilities could be detected with th...
Kubernetes security, kube-hunter, container security, misconfigurations
- Question #125: Attacks and Exploits
A penetration tester wants to send a specific network packet with custom flags and sequence numbers to a vulnerable target. Which of the following should the tester use?
packet crafting, Scapy, network attacks, exploit development
- Question #126: Engagement Management
Given the following statements: - Implement a web application firewall. - Upgrade end-of-life operating systems. - Implement a secure software development life cycle. In which of t...
penetration test report, recommendations, risk mitigation, WAF
- Question #127: Attacks and Exploits
During a penetration test, a tester captures information about an SPN account. Which of the following attacks requires this information as a prerequisite to proceed?
Active Directory attacks, Kerberoasting, SPN, credential theft
- Question #128: Vulnerability Discovery and Analysis
A penetration tester attempts to run an automated web-application scanner against a target URL. The tester validates that the web page is accessible from a different device. The te...
web application scanning, user agent, evasion techniques, WAF bypass
- Question #129: Reconnaissance and Enumeration
During a penetration test, a junior tester uses Hunter.io for an assessment and plans to review the information that will be collected. Which of the following describes the informa...
OSINT, email harvesting, reconnaissance tools, Hunter.io
- Question #130: Attacks and Exploits
SIMULATION INSTRUCTIONS Given the following attack signatures, determine the attack type, and then identify the associated remediation to prevent the attack in the future. If at an...
Web application attacks, Vulnerability remediation, Input validation, Attack types
- Question #131: CompTIA PenTest+ Domain 3: Information Gathering and Vulnerability Scanning - specifically constructing and interpreting Nmap scan commands and identifying attack surfaces from scan output.
SIMULATION You are a penetration tester running port scans on a server. INSTRUCTIONS Part1: Given the output, construct the command that was used to generate this output from the a...
Nmap, Port Scanning, SMB Vulnerabilities, Penetration Testing
- Question #132: CompTIA PenTest+ / Security+ - Application and Web Security: Identifying and remediating certificate-based vulnerabilities, understanding PKI infrastructure, and performing certificate lifecycle management including CSR generation, CA submission, and certificate installation.
SIMULATION You are a penetration tester reviewing a client's website through a web browser. INSTRUCTIONS Review all components of the website through the browser to determine if vu...
PKI and Certificate Management, SSL/TLS Vulnerabilities, Web Application Security, Penetration Testing Remediation
- Question #133: CompTIA PenTest+ Domain 3: Information Gathering and Vulnerability Scanning - specifically the ability to write and modify scripts to perform network reconnaissance and port scanning during an engagement, demonstrating scripting proficiency required for penetration testers operating in restricted environments.
SIMULATION INSTRUCTIONS Analyze the code segments to determine which sections are needed to complete a port scanning script. Drag the appropriate elements into the correct location...
Port Scanning, Python Scripting, Network Reconnaissance, Penetration Testing
- Question #134: Reconnaissance and enumeration
A penetration tester gains access to a domain member server and wants to identify which potential targets are available to attack. Which of the following tools should the penetrati...
Network scanning, Host discovery, Nmap, Tool usage
- Question #135: CompTIA PenTest+ Domain 2: Information Gathering and Vulnerability Scanning - specifically passive reconnaissance techniques and tool identification for enumerating public-facing assets from a given domain name.
SIMULATION A penetration tester has been provided with only the public domain name and must enumerate additional information for the public-facing assets. INSTRUCTIONS Select the a...
OSINT Reconnaissance, theHarvester, Passive Enumeration, Penetration Testing Tools
- Question #136: Vulnerability Discovery and Analysis
SIMULATION A penetration tester performs several Nmap scans against the web application for a client. INSTRUCTIONS Click on the WAF and servers to review the results of the Nmap sc...
Nmap, SSRF, Web Application Security, Vulnerability Remediation
- Question #137: CompTIA PenTest+ Domain 2: Information Gathering and Vulnerability Scanning - specifically passive and active reconnaissance techniques against web applications, including open-source intelligence (OSINT) gathering and tool selection for targeted assessments.
SIMULATION A penetration tester is performing reconnaissance for a web application assessment. Upon investigation, the tester reviews the robots.txt file for items of interest. INS...
Web Application Reconnaissance, robots.txt Analysis, WordPress Security, Penetration Testing Tools
- Question #138: Post-exploitation and Lateral Movement
SIMULATION A previous penetration test report identified a host with vulnerabilities that was successfully exploited. Management has requested that an internal member of the securi...
Vulnerability Exploitation, Privilege Escalation, Penetration Testing, Remediation
- Question #139: Reconnaissance and enumeration
A consultant starts a network penetration test. The consultant uses a laptop that is hardwired to the network to try to assess the network with the appropriate tools. Which of the...
Penetration testing methodology, Host discovery, Network reconnaissance
- Question #140: Post-exploitation and lateral movement
Which of the following protocols would a penetration tester most likely utilize to exfiltrate data covertly and evade detection?
Data exfiltration, Covert channels, DNS tunneling, Network protocols
- Question #141: Engagement management
Which of the following is most important when communicating the need for vulnerability remediation to a client at the conclusion of a penetration test?
Reporting, Remediation, Risk communication, Impact assessment
- Question #142: Reconnaissance and enumeration
A penetration tester is conducting reconnaissance on a target network. The tester runs the following Nmap command: nmap -sv -sT -p - 192.168.1.0/24. Which of the following describe...
Nmap, Service discovery, Port scanning, Network reconnaissance
- Question #143: Vulnerability discovery and analysis
During a penetration test of a web application, the tester gains full access to the application's source code. The application repository includes thousands of code files. Given th...
Source code analysis, Hard-coded credentials, TruffleHog, Vulnerability discovery
- Question #144: Post-exploitation and lateral movement
Which of the following is the most efficient way to infiltrate a file containing data that could be sensitive?
Data exfiltration, Secure transfer, Encryption, HTTPS
- Question #145: Post-exploitation and lateral movement
Which of the following post-exploitation activities allows a penetration tester to maintain persistent access in a compromised system?
Persistence, Post-exploitation, Registry modification, Backdoors
- Question #146: Vulnerability discovery and analysis
Which of the following OT protocols sends information in cleartext?
OT protocols, Modbus, Cleartext communication, ICS security
- Question #147: Vulnerability discovery and analysis
A penetration tester is getting ready to conduct a vulnerability scan as part of the testing process. The tester will evaluate an environment that consists of a container orchestra...
Container security, Kubernetes security, Vulnerability scanning, Kube-hunter
- Question #148: Vulnerability discovery and analysis
A penetration tester performs a service enumeration process and receives the following result after scanning a server using the Nmap tool: Based on the output, which of the followi...
Service enumeration, Nmap, Attack surface analysis, Vulnerability identification
- Question #149: Attacks and Exploits
A penetration tester would like to leverage a CSRF vulnerability to gather sensitive details from an application's end users. Which of the following tools should the tester use for...
CSRF, Client-side attacks, Browser Exploitation Framework, Web application exploitation
- Question #150: Attacks and Exploits
During a security assessment, a penetration tester uses a tool to capture plaintext log-in credentials on the communication between a user and an authentication system. The tester...
Packet sniffing, Wireshark, Network analysis, Credential capture
- Question #151: Vulnerability discovery and analysis
A penetration tester reviews a SAST vulnerability scan report. The following vulnerability has been reported as high severity: The tester inspects the source file and finds the var...
SAST, Vulnerability classification, False positive, Code review
- Question #152: Attacks and Exploits
Which of the following technologies is most likely used with badge cloning? (Select two).
NFC, RFID, Badge cloning, Physical security
- Question #153: Vulnerability Discovery and Analysis
A penetration tester is getting ready to conduct a vulnerability scan to evaluate an environment that consists of a container orchestration cluster. Which of the following tools wo...
container security, vulnerability scanning, Trivy
- Question #154: Reconnaissance and Enumeration
A penetration tester writes a Bash script to automate the execution of a ping command on a Class C network: Which of the following pieces of code should the penetration tester use...
Bash scripting, network scanning, ping sweep, seq command