Download CompTIA PenTest+ Certification Exam.PT0-001.ActualTests.2021-07-15.196q.vcex

Vendor: CompTIA
Exam Code: PT0-001
Exam Name: CompTIA PenTest+ Certification Exam
Date: Jul 15, 2021
File Size: 3 MB

How to open VCEX files?

Files with VCEX extension can be opened by ProfExam Simulator.

Purchase
Coupon: EXAM_HUB

Discount: 20%

Demo Questions

Question 1
Place each of the following passwords in order of complexity from least complex (1) to most complex (4), based on the character sets represented. 
Each password may be used only once. 
  
  
 
Correct answer: To display the answer, ProfExam Simulator is required.
Explanation:
 
 
Question 2
A manager calls upon a tester to assist with diagnosing an issue within the following Python script:
The tester suspects it is an issue with string slicing and manipulation. 
Analyze the following code segment and drag and drop the correct output for each string manipulation to its corresponding code segment. 
Options may be used once or not at all. 
  
  
 
Correct answer: To display the answer, ProfExam Simulator is required.
Explanation:
 
 
Question 3
A penetration tester has compromised a Windows server and is attempting to achieve persistence. 
Which of the following would achieve that goal?
  1. schtasks.exe /create/tr “powershell.exe” Sv.ps1 /run
  2. net session server | dsquery -user | net use c$
  3. powershell && set-executionpolicy unrestricted
  4. reg save HKLM\System\CurrentControlSet\Services\Sv.reg
Correct answer: D
Question 4
A client has scheduled a wireless penetration test. Which of the following describes the scoping target information MOST likely needed before testing can begin?
  1. The physical location and network ESSIDs to be tested 
  2. The number of wireless devices owned by the client
  3. The client's preferred wireless access point vendor
  4. The bands and frequencies used by the client's devices
Correct answer: D
Question 5
Which of the following BEST describes some significant security weaknesses with an ICS, such as those used in electrical utility facilities, natural gas facilities, dams, and nuclear facilities?
  1. ICS vendors are slow to implement adequate security controls.
  2. ICS staff are not adequately trained to perform basic duties.
  3. There is a scarcity of replacement equipment for critical devices.
  4. There is a lack of compliance for ICS facilities.
Correct answer: B
Question 6
A security analyst was provided with a detailed penetration report, which was performed against the organization's DMZ environment. 
It was noted on the report that a finding has a CVSS base score of 10.0. 
Which of the following levels of difficulty would be required to exploit this vulnerability?
  1. Very difficult; perimeter systems are usually behind a firewall.
  2. Somewhat difficult; would require significant processing power to exploit.
  3. Trivial; little effort is required to exploit this finding.
  4. Impossible; external hosts are hardened to protect against attacks.
Correct answer: C
Question 7
A penetration tester has gained access to a marketing employee's device. The penetration tester wants to ensure that if the access is discovered, control of the device can be regained. Which of the following actions should the penetration tester use to maintain persistence to the device? 
(Select TWO.)
  1. Place an entry in HKLM\Software\Microsoft\CurrentVersion\Run to call au57d.ps1.
  2. Place an entry in C:\windows\system32\drivers\etc\hosts for 12.17.20.10 badcomptia.com.
  3. Place a script in C:\users\%username\local\appdata\roaming\temp\au57d.ps1.
  4. Create a fake service in Windows called RTAudio to execute manually.
  5. Place an entry for RTAudio in HKLM\CurrentControlSet\Services\RTAudio.
  6. Create a schedule task to call C:\windows\system32\drivers\etc\hosts.
Correct answer: AC
Question 8
Which of the following tools is used to perform a credential brute force attack?
  1. Hydra
  2. John the Ripper
  3. Hashcat
  4. Peach
Correct answer: A
Question 9
Which of the following situations would cause a penetration tester to communicate with a system owner/client during the course of a test? (Select TWO.)
  1. The tester discovers personally identifiable data on the system.
  2. The system shows evidence of prior unauthorized compromise.
  3. The system shows a lack of hardening throughout.
  4. The system becomes unavailable following an attempted exploit.
  5. The tester discovers a finding on an out-of-scope system.
Correct answer: BD
Question 10
A penetration tester has performed a security assessment for a startup firm. The report lists a total of ten vulnerabilities, with five identified as critical. 
The client does not have the resources to immediately remediate all vulnerabilities. 
Under such circumstances, which of the following would be the BEST suggestion for the client?
  1. Apply easy compensating controls for critical vulnerabilities to minimize the risk, and then reprioritize remediation.
  2. Identify the issues that can be remediated most quickly and address them first.
  3. Implement the least impactful of the critical vulnerabilities' remediations first, and then address other critical vulnerabilities
  4. Fix the most critical vulnerability first, even if it means fixing the other vulnerabilities may take a very long lime.
Correct answer: D
HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset

HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen

ProfExam
ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!