Summer Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

PT0-003 Exam Dumps - CompTIA PenTest+ Questions and Answers

Question # 94

During a penetration test, a junior tester uses Hunter.io for an assessment and plans to review the information that will be collected. Which of the following describes the information the junior tester will receive from the Hunter.io tool?

Options:

A.

A collection of email addresses for the target domain that is available on multiple sources on the internet

B.

DNS records for the target domain and subdomains that could be used to increase the external attack surface

C.

Data breach information about the organization that could be used for additional enumeration

D.

Information from the target ' s main web page that collects usernames, metadata, and possible data exposures

Buy Now
Question # 95

During wireless testing, a penetration tester observes the following customer APs and configurations:

SSID / Configuration

AP1 – WPA3

AP2 – WPA3

AP3 – WPA2

AP4 – WPA3

Which of the following attacks can the tester use only against AP3?

Options:

A.

Brute force

B.

Signal jamming

C.

Evil twin

D.

Deauthentication

Buy Now
Question # 96

A penetration tester finds that an application responds with the contents of the /etc/passwd file when the following payload is sent:

< ?xml version= " 1.0 " ? >

< !DOCTYPE data [ < !ENTITY foo SYSTEM " file:///etc/passwd " > ] >

< test > & foo; < /test >

Which of the following should the tester recommend in the report to best prevent this type of vulnerability?

Options:

A.

Drop all excessive file permissions with chmod o-rwx

B.

Ensure the requests application access logs are reviewed frequently

C.

Disable the use of external entities

D.

Implement a WAF to filter all incoming requests

Buy Now
Question # 97

A penetration tester needs to use the native binaries on a system in order to download a file from the internet and evade detection. Which of the following tools would the tester most likely use?

Options:

A.

netsh.exe

B.

certutil.exe

C.

nc.exe

D.

cmdkey.exe

Buy Now
Question # 98

A penetration tester aims to exploit a vulnerability in a wireless network that lacks proper encryption. The lack of proper encryption allows malicious content to infiltrate the network. Which of the following techniques would most likely achieve the goal?

Options:

A.

Packet injection

B.

Bluejacking

C.

Beacon flooding

D.

Signal jamming

Buy Now
Question # 99

A penetration tester creates the following Python script that can be used to enumerate information about email accounts on a target mail server:

Which of the following logic constructs would permit the script to continue despite failure?

Options:

A.

Add a do/while loop.

B.

Add an iterator.

C.

Add a t.ry/except. block.

D.

Add an if/else conditional.

Buy Now
Question # 100

A tester needs to begin capturing WLAN credentials for cracking during an on-site engagement. Which of the following is the best command to capture handshakes?

Options:

A.

tcpdump -n -s0 -w < pcapname > -i < iface >

B.

airserv-ng -d < iface >

C.

aireplay-ng -0 1000 -a < target_mac >

D.

airodump-ng -c 6 --bssid < target_mac > < iface >

Buy Now
Question # 101

During an assessment of a company, a penetration tester sends the following email to the company’s Chief Financial Officer (CFO):

Dear CFO,

As we talked about during a recent meeting, please open the following attachment that contains the invoice for an existing vendor. If you do not pay this now, we will suspend the licenses for your billing system in three days.

GoPay CMS Systems Services

Which of the following techniques is this attack an example of?

Options:

A.

Whaling

B.

Phishing

C.

Spear phishing

D.

Vishing

Buy Now
Question # 102

A penetration tester has discovered sensitive files on a system. Assuming exfiltration of the files is part of the scope of the test, which of the following is most likely to evade DLP systems?

Options:

A.

Encoding the data and pushing through DNS to the tester ' s controlled server.

B.

Padding the data and uploading the files through an external cloud storage service.

C.

Obfuscating the data and pushing through FTP to the tester ' s controlled server.

D.

Hashing the data and emailing the files to the tester ' s company inbox.

Buy Now
Question # 103

A penetration tester must identify hosts without alerting an IPS. The tester has access to a local network segment. Which of the following is the most logical action?

Options:

A.

Performing reverse DNS lookups

B.

Utilizing Nmap using a ping sweep

C.

Conducting LLMNR poisoning using Responder

D.

Viewing the local routing table on the host

Buy Now
Exam Code: PT0-003
Exam Name: CompTIA PenTest+ Exam
Last Update: Jul 5, 2026
Questions: 336
PT0-003 pdf

PT0-003 PDF

$25.5  $84.99
PT0-003 Engine

PT0-003 Testing Engine

$28.5  $94.99
PT0-003 PDF + Engine

PT0-003 PDF + Testing Engine

$40.5  $134.99