Winter Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

PenTest+ PT0-003 Book

Page: 4 / 10
Total 131 questions

CompTIA PenTest+ Exam Questions and Answers

Question 13

A penetration tester would like to leverage a CSRF vulnerability to gather sensitive details from an application's end users. Which of the following tools should the tester use for this task?

Options:

A.

Browser Exploitation Framework

B.

Maltego

C.

Metasploit

D.

theHarvester

Question 14

After a recent penetration test was conducted by the company's penetration testing team, a systems administrator notices the following in the logs:

2/10/2023 05:50AM C:\users\mgranite\schtasks /query

2/10/2023 05:53AM C:\users\mgranite\schtasks /CREATE /SC DAILY

Which of the following best explains the team's objective?

Options:

A.

To enumerate current users

B.

To determine the users' permissions

C.

To view scheduled processes

D.

To create persistence in the network

Question 15

During a security assessment, a penetration tester gains access to an internal server and manipulates some data to hide its presence. Which of the following is the best way for the penetration tester to hide the activities performed?

Options:

A.

Clear the Windows event logs.

B.

Modify the system time.

C.

Alter the log permissions.

D.

Reduce the log retention settings.

Question 16

In a cloud environment, a security team discovers that an attacker accessed confidential information that was used to configure virtual machines during their initialization. Through which of the following features could this information have been accessed?

Options:

A.

IAM

B.

Block storage

C.

Virtual private cloud

D.

Metadata services

Page: 4 / 10
Total 131 questions