Online PT0-001 Practice TestMore CompTIA Products >

Free CompTIA PT0-001 Exam Dumps Questions

CompTIA PT0-001: CompTIA PenTest+ Certification Exam

- Get instant access to PT0-001 practice exam questions

- Get ready to pass the CompTIA PenTest+ Certification Exam exam right now using our CompTIA PT0-001 exam package, which includes CompTIA PT0-001 practice test plus an CompTIA PT0-001 Exam Simulator.

- The best online PT0-001 exam study material and preparation tool is here.

4.5

(465 ratings)

Question 1

An attacker uses SET to make a copy of a company's cloud-hosted web mail portal and sends an email m to obtain the CEO s login credentials Which of the following types of attacks is this an example of?

A. Elicitation attack

B. Impersonation attack

C. Spear phishing attack

D. Drive-by download attack

Correct Answer:B

Question 2

Which of the following BEST explains why it is important to maintain confidentiality of any identified findings when performing a penetration test?

A. Penetration test findings often contain company intellectual property

B. Penetration test findings could lead to consumer dissatisfaction if made pubic

C. Penetration test findings are legal documents containing privileged information

D. Penetration test findings can assist an attacker in compromising a system

Correct Answer:C

Question 3

A penetration tester has a full shell to a domain controller and wants to discover any user account that has not authenticated to the domain in 21 days. Which of the following commands would BEST accomplish this?

A. dsrm -users "DN=compony.com; OU=hq CN=usera"

B. dsuser -name -account -limit 3

C. dsquery uaer -inactive 3

D. dsquery -o -rein -limit 21

Correct Answer:B

Question 4

A company contracted a firm specializing in penetration testing to assess the security of a core business application. The company provided the firm with a copy of the Java bytecode. Which of the following steps must the firm take before it can run a static code analyzer?

A. Run the application through a dynamic code analyzer.

B. Employ a fuzzing utility.

C. Decompile the application.

D. Check memory allocation

Correct Answer:D

Question 5

Which of the following would be BEST for performing passive reconnaissance on a target's external domain?

A. Peach

B. CeWL

C. OpenVAS

D. Shodan

Correct Answer:A

Question 6

When performing compliance-based assessments, which of the following is the MOST important Key consideration?

A. Additional rate

B. Company policy

C. Impact tolerance

D. Industry type

Correct Answer:A

START PT0-001 EXAM