CompTIA PT0-001 CompTIA PenTest+ (Plus) Exam Practice Test

Page: 1 / 14
Total 294 questions

Question 1

A tester was able to retrieve domain users' hashes. Which of the following tools can be used to uncover the users' passwords? (Choose two.)



Answer : B, E

Question 2

When negotiating a penetration testing contract with a prospective client, which of the following disclaimers should be included in order to mitigate liability in case of a future breach of the client's systems?



Answer : D

Question 3

A penetration tester has been hired to perform a penetration test for an organization.

Which of the following is indicative of an error-based SQL injection attack?



Answer : A

Question 4

During an engagement, a consultant identifies a number of areas that need further investigation and require an extension of the engagement.

Which of the following is the MOST likely reason why the engagement may not be able to continue?



Answer : C

Question 5

D18912E1457D5D1DDCBD40AB3BF70D5D

During the exploitation phase of a penetration test, a vulnerability is discovered that allows command execution on a Linux web server. A cursory review confirms the system access is only in a low-privilege user context: www-dat

a. After reviewing, the following output from /etc/sudoers:

Which of the following users should be targeted for privilege escalation?



Answer : A

Question 6

A penetration tester has compromised a system and wishes to connect to a port on it from the attacking machine to control the system Which of the following commands should the tester run on the compromised system?



Answer : B

Question 7

Which of the following actions BEST matches a script kiddie's threat actor?



Answer : B

Page:    1 / 14   
Total 294 questions