CompTIA PT0-003 CompTIA PenTest+ Exam Online Training
The questions for PT0-003 were last updated on Feb 21, 2025.
- Exam Code: PT0-003
- Exam Name: CompTIA PenTest+ Exam
- Certification Provider: CompTIA
- Latest update: Feb 21, 2025
A penetration tester has found a web application that is running on a cloud virtual machine instance. Vulnerability scans show a potential SSRF for the same application URL path with an injectable parameter.
Which of the following commands should the tester run to successfully test for secrets exposure exploitability?
- A . curl <url>?param=http://169.254.169.254/latest/meta-data/
- B . curl '<url>?param=http://127.0.0.1/etc/passwd'
- C . curl '<url>?param=<script>alert(1)<script>/'
- D . curl <url>?param=http://127.0.0.1/
Option D
A penetration tester cannot find information on the target company’s systems using common OSINT methods. The tester’s attempts to do reconnaissance against internet-facing resources have been blocked by the company’s WAF.
Which of the following is the best way to avoid the WAF and gather information about the target company’s systems?
- A . HTML scraping
- B . Code repository scanning
- C . Directory enumeration
- D . Port scanning
During a penetration test, the tester uses a vulnerability scanner to collect information about any possible vulnerabilities that could be used to compromise the network.
The tester receives the results and then executes the following command:
snmpwalk -v 2c -c public 192.168.1.23
Which of the following is the tester trying to do based on the command they used?
- A . Bypass defensive systems to collect more information.
- B . Use an automation tool to perform the attacks.
- C . Script exploits to gain access to the systems and host.
- D . Validate the results and remove false positives.
A penetration tester is working on a security assessment of a mobile application that was developed in-house for local use by a hospital. The hospital and its customers are very concerned about disclosure of information.
Which of the following tasks should the penetration tester do first?
- A . Set up Drozer in order to manipulate and scan the application.
- B . Run the application through the mobile application security framework.
- C . Connect Frida to analyze the application at runtime to look for data leaks.
- D . Load the application on client-owned devices for testing.
Before starting an assessment, a penetration tester needs to scan a Class B IPv4 network for open ports in a short amount of time.
Which of the following is the best tool for this task?
- A . Burp Suite
- B . masscan
- C . Nmap
- D . hping
A penetration tester is performing an authorized physical assessment. During the test, the tester observes an access control vestibule and on-site security guards near the entry door in the lobby.
Which of the following is the best attack plan for the tester to use in order to gain access to the facility?
- A . Clone badge information in public areas of the facility to gain access to restricted areas.
- B . Tailgate into the facility during a very busy time to gain initial access.
- C . Pick the lock on the rear entrance to gain access to the facility and try to gain access.
- D . Drop USB devices with malware outside of the facility in order to gain access to internal machines.
During a web application assessment, a penetration tester identifies an input field that allows JavaScript injection. The tester inserts a line of JavaScript that results in a prompt, presenting a text box when browsing to the page going forward.
Which of the following types of attacks is this an example of?
- A . SQL injection
- B . SSRF
- C . XSS
- D . Server-side template injection
A penetration tester is working on an engagement in which a main objective is to collect confidential information that could be used to exfiltrate data and perform a ransomware attack. During the engagement, the tester is able to obtain an internal foothold on the target network.
Which of the following is the next task the tester should complete to accomplish the objective?
- A . Initiate a social engineering campaign.
- B . Perform credential dumping.
- C . Compromise an endpoint.
- D . Share enumeration.