CompTIA PT0-001 CompTIA PenTest+ Certification Exam Online Training
CompTIA PT0-001 Online Training
The questions for PT0-001 were last updated at Jan 01,2025.
- Exam Code: PT0-001
- Exam Name: CompTIA PenTest+ Certification Exam
- Certification Provider: CompTIA
- Latest update: Jan 01,2025
A penetration tester has successfully exploited a Windows host with low privileges and found directories with the following permissions:
Which of the following should be performed to escalate the privileges?
- A . Kerberoasting
- B . Retrieval of the SAM database
- C . Migration of the shell to another process
- D . Writable services
C
Explanation:
Reference: https://book.hacktricks.xyz/windows/windows-local-privilege-escalation
A security team is switching firewall vendors. The director of security wants to scope a penetration test to satisfy requirements to perform the test after major architectural changes .
Which of the following is the BEST way to approach the project?
- A . Design a penetration test approach, focusing on publicly released firewall DoS vulnerabilities.
- B . Review the firewall configuration, followed by a targeted attack by a read team.
- C . Perform a discovery scan to identify changes in the network.
- D . Focus on an objective-based approach to assess network assets with a red team.
Which of the following commands starts the Metasploit database?
- A . msfconsole
- B . workspace
- C . msfvenom
- D . db_init
- E . db_connect
A
Explanation:
References: https://www.offensive-security.com/metasploit-unleashed/msfconsole/
A penetration tester delivers a web application vulnerability scan report to a client. The penetration tester rates a vulnerability as medium severity. The same vulnerability was reported as a critical severity finding on the previous report .
Which of the following is the MOST likely reason for the reduced severity?
- A . The client has applied a hot fix without updating the version.
- B . The threat landscape has significantly changed.
- C . The client has updated their codebase with new features.
- D . Thera are currently no known exploits for this vulnerability.
An internal network penetration test is conducted against a network that is protected by an unknown NAC system In an effort to bypass the NAC restrictions the penetration tester spoofs the MAC address and hostname of an authorized system.
Which of the following devices if impersonated would be MOST likely to provide the tester with network access?
- A . Network-attached printer
- B . Power-over-Ethernet injector
- C . User workstation
- D . Wireless router
Which of the following tools can be used to perform a basic remote vulnerability scan of a website’s configuration?
- A . Mimikatz
- B . BeEF
- C . Nikto
- D . Patator
C
Explanation:
Reference: https://www.freecodecamp.org/news/an-introduction-to-web-server-scanning-with-nikto/
DRAG DROP
Instructions:
Analyze the code segments to determine which sections are needed to complete a port scanning script.
Drag the appropriate elements into the correct locations to complete the script.
If at any time you would like to bring back the initial state of the simulation, please click the reset all button.
During a penetration test, you gain access to a system with a limited user interface. This machine appears to have access to an isolated network that you would like to port scan.
A penetration tester was able to retrieve the initial VPN user domain credentials by phishing a member of the IT department. Afterward, the penetration tester obtained hashes over the VPN and easily cracked them using a dictionary attack.
Which of the following remediation steps should be recommended? (Select THREE)
- A . Mandate all employees take security awareness training
- B . Implement two-factor authentication for remote access
- C . Install an intrusion prevention system
- D . Increase password complexity requirements
- E . Install a security information event monitoring solution.
- F . Prevent members of the IT department from interactively logging in as administrators
- G . Upgrade the cipher suite used for the VPN solution
Which of the following describe a susceptibility present in Android-based commercial mobile devices when organizations are not employing MDM services? (Choose two.)
- A . Configurations are user-customizable.
- B . End users have root access to devices by default.
- C . Push notification services require Internet access.
- D . Unsigned apps can be installed.
- E . The default device log facility does not record system actions.
- F . IPSec VPNs are not configurable.
When negotiating a penetration testing contract with a prospective client, which of the following disclaimers should be included in order to mitigate liability in case of a future breach of the client’s systems?
- A . The proposed mitigations and remediations in the final report do not include a cost-benefit analysis.
- B . The NDA protects the consulting firm from future liabilities in the event of a breach.
- C . The assessment reviewed the cyber key terrain and most critical assets of the client’s network.
- D . The penetration test is based on the state of the system and its configuration at the time of assessment.
Latest PT0-001 Dumps Valid Version with 248 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund
