A penetration tester successfully clones a source code repository and then runs the following command:
find . -type f -exec egrep -i "token|key|login" {} \;
Which of the following is the penetration tester conducting?
Secrets scanning (Option B):
Penetration testers search cloned source code repositories for hardcoded credentials, API keys and authentication tokens to identify secrets leakage.
The find command walks every regular file under the repository and runs egrep -i (a case-insensitive grep -E) on each one, so any line containing 'token', 'key' or 'login' is printed regardless of file type. Keyword matching like this is fast but noisy: ordinary identifiers such as loginForm or keyboard match too, so every hit still has to be reviewed by hand.
Attackers and testers use tools such as TruffleHog and GitLeaks to automate secret discovery; these match vendor-specific key formats and high-entropy strings rather than bare keywords, and can also walk the Git history to find secrets that were committed and later removed.
Incorrect options:
Option A (Data tokenization): Tokenization replaces sensitive data with non-sensitive surrogate tokens; it is a data-protection control, not a way of searching for credentials.
Option C (Password spraying): Tries a few common passwords across many accounts to avoid lockouts; it targets authentication services, not source code.
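As an added example (not part of the original question set), the following Python scanner does what the find/egrep one-liner does, but the way TruffleHog and GitLeaks do it: it matches vendor-specific key formats, applies a Shannon-entropy threshold to values captured by a generic "name = 'value'" pattern so placeholders such as "changeme" are dropped, and prunes .git and vendored directories. The sample checkout it builds is constructed for the demonstration; the AWS key inside it is the documented AWS example value, not a live credential, and the file names and pattern set are assumptions.

```python
"""Secrets scanner in the spirit of TruffleHog/GitLeaks: vendor-specific key
formats plus a generic "name = 'value'" pattern whose captured value must
clear an entropy threshold, so placeholders such as "changeme" are dropped."""
import math
import os
import re
import tempfile
from collections import Counter

# Vendor formats rarely false-positive; the generic pattern is filtered by entropy.
PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "github_pat": re.compile(r"\bghp_[A-Za-z0-9]{36}\b"),
    "private_key": re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH |DSA )?PRIVATE KEY-----"),
    # e.g.  API_KEY = "..."   or   aws_secret_access_key: '...'
    "generic_assignment": re.compile(
        r"(?i)(?:api[_-]?key|secret|token|passw(?:or)?d)\w*\s*[:=]\s*['\"]([^'\"\s]{8,})['\"]"
    ),
}
SKIP_DIRS = {".git", "node_modules", "venv"}   # compressed objects and vendored code
MIN_ENTROPY = 3.0                                # bits per character


def shannon_entropy(s):
    """Bits of entropy per character; real keys score well above 3, words below."""
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values())


def scan_text(text, path="<memory>"):
    """Return (path, line_number, pattern_name) for every hit in text."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for name, pat in PATTERNS.items():
            m = pat.search(line)
            if not m:
                continue
            if name == "generic_assignment" and shannon_entropy(m.group(1)) < MIN_ENTROPY:
                continue  # low-entropy value: a placeholder, not a secret
            findings.append((path, lineno, name))
    return findings


def scan_tree(root):
    """Walk a checkout like the find/egrep one-liner, but with targeted patterns."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames if d not in SKIP_DIRS]  # prune in place
        for fn in filenames:
            full = os.path.join(dirpath, fn)
            try:
                with open(full, encoding="utf-8", errors="ignore") as fh:
                    findings.extend(scan_text(fh.read(), os.path.relpath(full, root)))
            except OSError:
                continue
    return findings


def build_sample_repo():
    """Create a constructed, throwaway checkout (not a real project) to scan.
    The AWS key is the documented AWS example value, not a live credential."""
    root = tempfile.mkdtemp(prefix="repo-")
    files = {
        "config.py": 'API_KEY = "s3cr3tV4lu3Xy9Qp"\nDB_PASSWORD = "changeme"\n',
        "deploy/creds.env": "AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE\n",
        ".git/config": 'token = "s3cr3tV4lu3Xy9Qp"\n',   # skipped: inside .git
    }
    for rel, body in files.items():
        full = os.path.join(root, rel)
        os.makedirs(os.path.dirname(full), exist_ok=True)
        with open(full, "w", encoding="utf-8") as fh:
            fh.write(body)
    return root


if __name__ == "__main__":
    for path, lineno, name in scan_tree(build_sample_repo()):
        print(f"{path}:{lineno}: {name}")
```

Run against the constructed checkout it reports the API_KEY line in config.py and the AWS key in deploy/creds.env, while DB_PASSWORD = "changeme" (entropy about 2.75 bits per character) and the token under .git are not reported. The threshold and skip list are tuning knobs; on a real engagement, lowering MIN_ENTROPY trades false positives for coverage.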
Which of the following activities should be performed to prevent uploaded web shells from being exploited by others?
Secure Data Destruction (Option D):
Securely deleting the uploaded web shell removes the entry point, so it cannot be reached or reused by other attackers who discover it.
This involves removing the malicious file itself (not just the upload path that exposed it) and, where the environment allows it, overwriting the space it occupied so it cannot be recovered.
Why Not Other Options?
A (Remove persistence mechanisms): Removing persistence addresses follow-on access the attacker may have established, but it does not address the immediate threat of the web shell itself.
B (Spin down infrastructure): Taking the system offline disrupts operations and does not remove the web shell; it is still there when the infrastructure comes back up.
C (Preserve artifacts): Preserving evidence is necessary for forensic analysis, but it leaves the web shell in place and does not prevent further exploitation.
CompTIA Pentest+ Reference:
Domain 3.0 (Attacks and Exploits)
A tester obtains access to an endpoint subnet and wants to move laterally in the network. Given the following output:
Nmap scan report for some_host
Host is up (0.010s latency).
PORT    STATE SERVICE
445/tcp open  microsoft-ds
Host script results:
| smb2-security-mode: Message signing disabled
Which of the following command and attack methods is the most appropriate for reducing the chances of being detected?
Explanation of the Correct Option:
A (responder and ntlmrelayx.py):
Responder poisons LLMNR, NBT-NS and mDNS name resolution on the local subnet so that hosts looking up a missing or mistyped name authenticate to the tester's machine; ntlmrelayx.py (from Impacket) takes those NTLM authentication attempts and relays them to a target server. Responder's own SMB and HTTP servers must be turned off in Responder.conf so that ntlmrelayx.py can listen on those ports.
Relaying only works against hosts that do not require SMB signing, which is exactly what the scan shows. When the relayed user is a local administrator on the target, ntlmrelayx.py can dump the SAM or execute commands there, giving lateral movement without cracking or guessing any password. Because no failed logons are generated, this approach is stealthier than the alternatives.
Why Not Other Options?
B: Exploiting MS17-010 (EternalBlue) and then using psexec is noisy: the exploit can crash the target, and both steps are well covered by IDS and EDR signatures.
C: Brute-forcing credentials with Hydra is highly detectable because of the volume of failed logon events (Windows event ID 4625) it produces, and it risks locking out accounts.
D: Nmap's smb-brute.nse script performs password guessing against SMB; it is brute force, not enumeration, and carries the same detection and lockout risk.
CompTIA Pentest+ Reference:
Domain 3.0 (Attacks and Exploits)
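The scan output above is what a tester turns into a relay target list. The following Python is an added example, not part of the original question set and not Impacket's own code: it parses Nmap normal output for the smb2-security-mode (and older smb-security-mode) script results, keeps only hosts with 445/tcp open whose signing is disabled or not required, and writes them in the smb:// form that ntlmrelayx.py -tf accepts. The sample scan is constructed; the hostnames and 10.10.20.0/24 addresses are assumptions.

```python
"""Turn nmap smb2-security-mode output into a target list for ntlmrelayx.py."""
import re

HOST_RE = re.compile(r"^Nmap scan report for (\S+)(?: \(([\d.]+)\))?")
# Phrases emitted by smb2-security-mode / smb-security-mode. ENFORCED is tested
# first so "enabled but not required" is never mistaken for "required".
ENFORCED = ("and required", ": required")
NOT_ENFORCED = ("disabled", "not required")

# Constructed sample output (assumed hosts), in nmap's normal-output format.
SAMPLE_NMAP_OUTPUT = """\
Nmap scan report for fileserver01.corp.example (10.10.20.11)
Host is up (0.010s latency).
PORT    STATE SERVICE
445/tcp open  microsoft-ds
Host script results:
| smb2-security-mode:
|   3.1.1:
|_    Message signing enabled but not required

Nmap scan report for dc01.corp.example (10.10.20.5)
Host is up (0.012s latency).
PORT    STATE SERVICE
445/tcp open  microsoft-ds
Host script results:
| smb2-security-mode:
|   3.1.1:
|_    Message signing enabled and required

Nmap scan report for 10.10.20.42
Host is up (0.020s latency).
PORT    STATE SERVICE
445/tcp open  microsoft-ds
Host script results:
| smb2-security-mode:
|   3.1.1:
|_    Message signing disabled

Nmap scan report for 10.10.20.77
Host is up (0.015s latency).
PORT    STATE SERVICE
445/tcp filtered microsoft-ds
"""


def parse_hosts(nmap_output):
    """One dict per host: address, whether 445/tcp is open, and the signing state
    ('required', 'not_required', or None when the script printed nothing usable)."""
    hosts, cur = [], None
    for raw in nmap_output.splitlines():
        line = raw.strip()
        m = HOST_RE.match(line)
        if m:
            # Prefer the IP in parentheses; fall back to the bare name/address.
            cur = {"host": m.group(2) or m.group(1), "smb_open": False, "signing": None}
            hosts.append(cur)
            continue
        if cur is None:
            continue
        if line.startswith("445/tcp") and " open " in line:
            cur["smb_open"] = True
        low = line.lower()
        if "signing" in low:  # script result lines are prefixed with '|' or '|_'
            if any(p in low for p in ENFORCED):
                cur["signing"] = "required"
            elif any(p in low for p in NOT_ENFORCED):
                cur["signing"] = "not_required"
    return hosts


def relay_targets(nmap_output):
    """Hosts that accept unsigned SMB, in the smb:// form ntlmrelayx.py -tf expects."""
    return ["smb://" + h["host"] for h in parse_hosts(nmap_output)
            if h["smb_open"] and h["signing"] == "not_required"]


def write_target_file(path, nmap_output):
    """Write the target list for: ntlmrelayx.py -tf <path> -smb2support"""
    targets = relay_targets(nmap_output)
    with open(path, "w", encoding="utf-8") as fh:
        fh.write("\n".join(targets) + "\n")
    return targets


if __name__ == "__main__":
    for t in write_target_file("targets.txt", SAMPLE_NMAP_OUTPUT):
        print(t)
```

On the constructed scan this yields 10.10.20.11 and 10.10.20.42; the domain controller is excluded because it enforces signing (the default for DCs), and 10.10.20.77 is excluded because 445/tcp is not open. Two caveats a tester should keep in mind: the relay must be to a different host than the one that authenticated (relaying back to the originating machine has been blocked since MS08-068), and the relayed account gains only the rights it already holds on the target.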
During a red-team exercise, a penetration tester obtains an employee's access badge. The tester uses the badge's information to create a duplicate for unauthorized entry. Which of the following best describes this action?
RFID Cloning (Option C):
RFID (Radio-Frequency Identification) cloning involves reading the data from an access badge and writing it to a blank card or emulator that opens the same doors.
Tools such as the Proxmark3 or handheld RFID duplicators are commonly used for this purpose. Low-frequency proximity badges that transmit a static ID are trivially cloned; badges that perform cryptographic mutual authentication with the reader resist simple copying.
Why Not Other Options?
A (Smurfing): A network-based denial-of-service attack that amplifies ICMP traffic, unrelated to physical access.
B (Credential stuffing): Replays stolen username/password pairs in bulk against login forms, unrelated to badge cloning.
D (Card skimming): Captures payment card data at a compromised reader, not the data of an access badge.
CompTIA Pentest+ Reference:
Domain 3.0 (Attacks and Exploits)
A penetration tester would like to leverage a CSRF vulnerability to gather sensitive details from an application's end users. Which of the following tools should the tester use for this task?
BeEF (Option A):
Capabilities: The Browser Exploitation Framework hooks a victim's browser through its hook.js script and then drives it with modules that can issue cross-site requests in the victim's authenticated session, capture session tokens and gather other sensitive information from the browser.
Maltego (Option B):
Drawbacks: Maltego is an OSINT and link-analysis tool; while useful for reconnaissance, it is not designed for exploiting web vulnerabilities like CSRF.
Metasploit (Option C):
Capabilities: Metasploit can exploit some web vulnerabilities and offers auxiliary modules for web testing.
Drawbacks: It has no dedicated support for building and delivering CSRF payloads to end users, so it is less suitable than BeEF for this task.
theHarvester (Option D):
Drawbacks: theHarvester collects email addresses, subdomains and hostnames from public sources for reconnaissance; it has no exploitation capability.
Conclusion: The Browser Exploitation Framework (BeEF) is the most suitable tool for leveraging a CSRF vulnerability to gather sensitive details from an application's end users. It is specifically designed for browser-based exploitation, making it the best choice for this task.