Enjoy 15% Discount With Coupon 15off

CompTIA PT0-001 CompTIA PenTest+ Certification Exam Online Training

CompTIA PT0-001 CompTIA PenTest+ Certification Exam Online Training

CompTIA PT0-001 Online Training

The questions for PT0-001 were last updated at Jan 03,2025.
  • Exam Code: PT0-001
  • Exam Name: CompTIA PenTest+ Certification Exam
  • Certification Provider: CompTIA
  • Latest update: Jan 03,2025
Question #11

A penetration tester is exploiting the use of default public and private community strings.

Which of the following protocols is being exploited?

  • A . SMTP
  • B . DNS
  • C . SNMP
  • D . HTTP

Reveal Solution Hide Solution

Correct Answer: A
Question #12

A penetration tester is attempting to capture a handshake between a client and an access point by monitoring a WPA2-PSK secured wireless network. The tester is monitoring the correct channel for the identified network, but has been unsuccessful in capturing a handshake.

Given the scenario, which of the following attacks would BEST assist the tester in obtaining this handshake?

  • A . Karma attack
  • B . Deauthentication attack
  • C . Fragmentation attack
  • D . SSDI broadcast flood

Reveal Solution Hide Solution

Correct Answer: B
Question #13

A penetration tester has compromised a host .

Which of the following would be the correct syntax to create a Netcat listener on the device?

  • A . nc -lvp 4444 /bin/bash
  • B . nc -vp 4444 /bin/bash
  • C . nc -p 4444 /bin/bash
  • D . nc -lp 4444 Ce /bin/bash

Reveal Solution Hide Solution

Correct Answer: A
A

Explanation:

Reference: https://netsec.ws/?p=292
Question #14

Joe, a penetration tester, has received basic account credentials and logged into a Windows system.

To escalate his privilege, from which of the following places is he using Mimikatz to pull credentials?

  • A . LSASS
  • B . SAM database
  • C . Active Directory
  • D . Registry

Reveal Solution Hide Solution

Correct Answer: C
Question #15

A penetration tester locates a few unquoted service paths during an engagement .

Which of the following can the tester attempt to do with these?

  • A . Attempt to crack the service account passwords.
  • B . Attempt DLL hijacking attacks.
  • C . Attempt to locate weak file and folder permissions.
  • D . Attempt privilege escalation attacks.

Reveal Solution Hide Solution

Correct Answer: D
Question #16

A penetration tester, who is not on the client’s network. is using Nmap to scan the network for hosts that are in scope.

The penetration tester is not receiving any response on the command: nmap 100.100/1/0-125

Which of the following commands would be BEST to return results?

  • A . nmap -Pn -sT 100.100.1.0-125
  • B . nmap -sF -p 100.100.1.0-125
  • C . nmap -sV -oA output 100.100.10-125
  • D . nmap 100.100.1.0-125 -T4

Reveal Solution Hide Solution

Correct Answer: A
Question #17

A penetration tester executes the following commands:

C:>%userprofile%jtr.exe

This program has been blocked by group policy

C:> accesschk.exe -w -s -q -u Users C:Windows

rw C:WindowsTracing

C:>copy %userprofile%jtr.exe C:WindowsTracing

C:WindowsTracingjtr.exe

jtr version 3.2…

jtr>

Which of the following is a local host vulnerability that the attacker is exploiting?

  • A . Insecure file permissions
  • B . Application Whitelisting
  • C . Shell escape
  • D . Writable service

Reveal Solution Hide Solution

Correct Answer: A
A

Explanation:

References https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/#john-the-ripper—jtr
Question #18

Which of the following is an example of a spear phishing attack?

  • A . Targeting an executive with an SMS attack
  • B . Targeting a specific team with an email attack
  • C . Targeting random users with a USB key drop
  • D . Targeting an organization with a watering hole attack

Reveal Solution Hide Solution

Correct Answer: B
B

Explanation:

Reference: https://www.comparitech.com/blog/information-security/spear-phishing/
Question #19

An organization has requested that a penetration test be performed to determine if it is possible for an attacker to gain a foothold on the organization’s server segment During the assessment, the penetration tester identifies tools that appear to have been left behind by a prior attack.

Which of the following actions should the penetration tester take?

  • A . Attempt to use the remnant tools to achieve persistence
  • B . Document the presence of the left-behind tools in the report and proceed with the test
  • C . Remove the tools from the affected systems before continuing on with the test
  • D . Discontinue further testing and report the situation to management

Reveal Solution Hide Solution

Correct Answer: B
Question #20

A penetration tester is outside of an organization’s network and is attempting to redirect users to a fake password reset website hosted on the penetration tester’s box .

Which of the following techniques is suitable to attempt this?

  • A . Employ NBNS poisoning.
  • B . Perform ARP spoofing.
  • C . Conduct a phishing campaign.
  • D . Use an SSL downgrade attack.

Reveal Solution Hide Solution

Correct Answer: C
Previous Questions Next Questions
Latest PT0-001 Dumps Valid Version with 248 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download PT0-001 PDF
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments

Related Posts

19Nov

CompTIA CV0-003 CompTIA Cloud+ Certification Exam Online Training

Question #1 A company has decided to scale its e-commerce application from its corporate datacenter to a commercial cloud provider to... read more

28Oct

CompTIA 220-901 CompTIA A+ Certification Exam Online Training

Question #1 Which of the following is a benefit DHCP over static addressing? A . Every device will automatically be given a... read more

16Oct

CompTIA N10-007 CompTIA Network+ N10-007 Online Training

Question #1 A company wants to implement a wireless infrastructure on its campus to meet the needs of its BYOD initiative.... read more

07Sep

CompTIA 220-1102 CompTIA A+ Certification Core 2 Exam Online Training

Question #1 A user contacts a technician about an issue with a laptop. The user states applications open without being launched... read more

26Oct

CompTIA XK0-004 CompTIA Linux+ Certification Exam Online Training

Question #1 Which of the following is the purpose of the vmlinux file on a Linux system? A . To prevent a... read more

30Oct

CompTIA SK0-004 CompTIA Server+ Online Training

Question #1 A technician is installing an operating system on a server using source files on a USB storage device. The... read more

25Feb

CompTIA CS0-003 CompTIA Cybersecurity Analyst (CySA+) Exam Online Training

Question #1 A recent zero-day vulnerability is being actively exploited, requires no user interaction or privilege escalation, and has a significant... read more

06Sep

CompTIA DA0-001 CompTIA Data+ Certification Online Training

Question #1 Refer to the exhibit. A data analyst needs to calculate the mean for Q1 sales using the data set... read more

04Oct

CompTIA CS0-001 CompTIA CySA+ Certification Exam Online Training

Question #1 A cybersecurity analyst has received a report that multiple systems are experiencing slowness as a result of a DDoS... read more

10Sep

CompTIA SK0-005 CompTIA Server+ Certification Exam Online Training

Question #1 Which of the following is typical of software licensing in the cloud? A . Per socketB . PerpetualC . Subscription-basedD... read more