PT0-003 CompTIA Exam Questions and Free Practice Test

Question 25

A penetration tester downloads a JAR file that is used in an organization's production environment. The tester evaluates the contents of the JAR file to identify potentially vulnerable components that can be targeted for exploit. Which of the following describes the tester's activities?

A. SAST

B. SBOM

C. ICS

D. SCA

Correct Answer:D
The tester??s activity involves analyzing the contents of a JAR file to identify potentially vulnerable components. This process is known as Software Composition Analysis (SCA). Here??s why:
✑ Understanding SCA:
✑ Comparison with Other Terms:
The tester??s activity of examining a JAR file for vulnerable components aligns with SCA, making it the correct answer.
=================

Question 26

A penetration tester writes the following script to enumerate a 1724 network:
1 #!/bin/bash
2 for i in {1..254}; do
3 ping -c1 192.168.1.$i 4 done
The tester executes the script, but it fails with the following error:
-bash: syntax error near unexpected token `ping'
Which of the following should the tester do to fix the error?

A. Add do after line 2.

B. Replace {1..254} with $(seq 1 254).

C. Replace bash with tsh.

D. Replace $i with ${i}.

Correct Answer:A
The error in the script is due to a missing do keyword in the for loop. Here??s the corrected script and
✑ Original Script:
1 #!/bin/bash
2 for i in {1..254}; do
3 ping -c1 192.168.1.$i 4 done
✑ Error
Explanation
✑ Corrected Script: 1 #!/bin/bash
2 for i in {1..254}; do
3 ping -c1 192.168.1.$i 4 done
Adding do after line 2 corrects the syntax error and allows the script to execute properly.
=================

Question 27

A penetration tester wants to create a malicious QR code to assist with a physical security assessment. Which of the following tools has the built-in functionality most likely needed for this task?

A. BeEF

B. John the Ripper

C. ZAP

D. Evilginx

Correct Answer:A
BeEF (Browser Exploitation Framework) is a penetration testing tool that focuses on web browsers. It has built-in functionality for generating malicious QR codes, which can be used to direct users to malicious websites, execute browser-based attacks, or gather information.
✑ Understanding BeEF:
✑ Creating Malicious QR Codes: Step-by-Step Explanationbeef -x --qr
✑ Usage in Physical Security Assessments:
✑ References from Pentesting Literature: References:
✑ Penetration Testing - A Hands-on Introduction to Hacking
✑ HTB Official Writeups
=================

Question 28

A penetration tester assesses a complex web application and wants to explore potential security weaknesses by searching for subdomains that might have existed in the past. Which of the following tools should the penetration tester use?

A. Censys.io

B. Shodan

C. Wayback Machine

D. SpiderFoot

Correct Answer:C
The Wayback Machine is an online tool that archives web pages over time, allowing users
to see how a website looked at various points in its history. This can be extremely useful for penetration testers looking to explore potential security weaknesses by searching for subdomains that might have existed in the past.
✑ Accessing the Wayback Machine:
✑ Navigating Archived Pages:
✑ Identifying Subdomains:
✑ Tool Integration:
✑ Real-World Example:
✑ References from Pentesting Literature: Step-by-Step ExplanationReferences:
✑ HTB Official Writeups
=================

Question 29

During an assessment, a penetration tester runs the following command: setspn.exe -Q /
Which of the following attacks is the penetration tester preparing for?

A. LDAP injection

B. Pass-the-hash

C. Kerberoasting

D. Dictionary

Correct Answer:C
Kerberoasting is an attack that involves requesting service tickets for service accounts from a Kerberos service, extracting the service tickets, and attempting to crack them offline to retrieve the plaintext passwords.
✑ Understanding Kerberoasting:
✑ Command Breakdown:
✑ Kerberoasting Steps:
✑ References from Pentesting Literature: Step-by-Step ExplanationReferences:
✑ Penetration Testing - A Hands-on Introduction to Hacking
✑ HTB Official Writeups
=================

Question 30

A tester is performing an external phishing assessment on the top executives at a company. Two-factor authentication is enabled on the executives?? accounts that are in the scope of work. Which of the following should the tester do to get access to these accounts?

A. Configure an external domain using a typosquatting techniqu

B. Configure Evilginx to bypass two-factor authentication using a phishlet that simulates the mail portal for the company.

C. Configure Gophish to use an external domai

D. Clone the email portal web page from the company and get the two-factor authentication code using a brute-force attack method.

E. Configure an external domain using a typosquatting techniqu

F. Configure SET to bypass two-factor authentication using a phishlet that mimics the mail portal for the company.

G. Configure Gophish to use an external domai

H. Clone the email portal web page from the company and get the two-factor authentication code using a vishing method.

Correct Answer:A
To bypass two-factor authentication (2FA) and gain access to the executives?? accounts, the tester should use Evilginx with a typosquatting domain. Evilginx is a man-in-the-middle attack framework used to bypass 2FA by capturing session tokens.
✑ Phishing with Evilginx:
✑ Typosquatting:
✑ Steps:
Pentest References:
✑ Phishing: Social engineering technique to deceive users into providing sensitive information.
✑ Two-Factor Authentication Bypass: Advanced phishing attacks like those using Evilginx can capture and reuse session tokens, bypassing 2FA mechanisms.
✑ OSINT and Reconnaissance: Identifying key targets (executives) and crafting convincing phishing emails based on gathered information.
Using Evilginx with a typosquatting domain allows the tester to bypass 2FA and gain access to high-value accounts, demonstrating the effectiveness of advanced phishing techniques.
=================

START PT0-003 EXAM