CompTIA CompTIA Certifications PT0-003 Questions & Answers

• Question 81:

  A penetration tester recently performed a social-engineering attack in which the tester found an employee of the target company at a local coffee shop and over time built a relationship with the employee. On the employee's birthday, the tester

  gave the employee an external hard drive as a gift.

  Which of the following social-engineering attacks was the tester utilizing?

  A. Phishing

  B. Tailgating

  C. Baiting

  D. Shoulder surfing

  Correct Answer: C

  Reference: https://phoenixnap.com/blog/what-is-social-engineering-types-of-threats

• Question 82:

  A penetration tester has obtained a low-privilege shell on a Windows server with a default configuration and now wants to explore the ability to exploit misconfigured service permissions. Which of the following commands would help the tester START this process?

  A. certutil 璾rlcache 璼plit

  Correct Answer: A

  https://www.bleepingcomputer.com/news/security/certutilexe-could-allow-attackers-to- download-malware-while-bypassing-av/ --- https://docs.microsoft.com/en-us/sysinternals/downloads/accesschk

  The certutil command is a Windows utility that can be used to manipulate certificates and certificate authorities. However, it can also be abused by attackers to download files from remote servers using the -urlcache option. In this case, the command downloads accesschk64.exe from http://192.168.2.124/windows-binaries/ and saves it locally. Accesschk64.exe is a tool that can be used to check service permissions and identify potential privilege escalation vectors. The other commands are not relevant for this purpose. Powershell is a scripting language that can be used to perform various tasks, but in this case it uploads a file instead of downloading one. Schtasks is a command that can be used to create or query scheduled tasks, but it does not help with service permissions. Wget is a Linux command that can be used to download files from the web, but it does not work on Windows by default.

• Question 83:

  Which of the following expressions in Python increase a variable val by one (Choose two.)

  A. val++

  B. +val

  C. val=(val+1)

  D. ++val

  E. val=val++

  F. val+=1

  Correct Answer: CF

  In Python, there are two ways to increase a variable by one: using the assignment operator (=) with an arithmetic expression, or using the augmented assignment operator (+=). The expressions val=(val+1) and val+=1 both achieve this goal. The expressions val++ and ++val are not valid in Python, as there is no increment operator. The expressions +val and val=val++ do not change the value of val2. https://pythonguides.com/increment-and-decrement-operators-in-python/

• Question 84:

  Which of the following documents describes specific activities, deliverables, and schedules for a penetration tester?

  A. NDA

  B. MSA

  C. SOW

  D. MOU

  Correct Answer: C

• Question 85:

  A penetration tester has prepared the following phishing email for an upcoming penetration test:

  

  Which of the following is the penetration tester using MOST to influence phishing targets to click on the link?

  A. Familiarity and likeness

  B. Authority and urgency

  C. Scarcity and fear

  D. Social proof and greed

  Correct Answer: B

• Question 86:

  A company has recruited a penetration tester to conduct a vulnerability scan over the network. The test is confirmed to be on a known environment. Which of the following would be the BEST option to identify a system properly prior to performing the assessment?

  A. Asset inventory B. DNS records

  C. Web-application scan

  D. Full scan

  Correct Answer: A

• Question 87:

  A penetration tester exploited a unique flaw on a recent penetration test of a bank. After the test was completed, the tester posted information about the exploit online along with the IP addresses of the exploited machines. Which of the following documents could hold the penetration tester accountable for this action?

  A. ROE

  B. SLA

  C. MSA

  D. NDA

  Correct Answer: D

• Question 88:

  A penetration tester needs to perform a test on a finance system that is PCI DSS v3.2.1 compliant. Which of the following is the MINIMUM frequency to complete the scan of the system?

  A. Weekly

  B. Monthly

  C. Quarterly

  D. Annually

  Correct Answer: C

  Quarterly is the minimum frequency to complete the scan of the system that is PCI DSS v3.2.1 compliant, according to Requirement 11.2.2 of the standard1. PCI DSS (Payment Card Industry Data Security Standard) is a set of security standards that applies to any organization that processes, stores, or transmits credit card information. Requirement 11.2.2 states that organizations must perform internal vulnerability scans at least quarterly and after any significant change in the network. https://www.pcicomplianceguide.org/faq/#25 PCI DSS requires quarterly vulnerability/penetration tests, not weekly.

• Question 89:

  A penetration tester who is performing a physical assessment of a company's security practices notices the company does not have any shredders inside the office building. Which of the following techniques would be BEST to use to gain confidential information?

  A. Badge cloning

  B. Dumpster diving

  C. Tailgating

  D. Shoulder surfing

  Correct Answer: B

• Question 90:

  The following PowerShell snippet was extracted from a log of an attacker machine: A penetration tester would like to identify the presence of an array. Which of the following line numbers would define the array?

  

  A. Line 8

  B. Line 13

  C. Line 19

  D. Line 20

  Correct Answer: A

  $X=2,4,6,8,9,20,5 $y=[System.Collections.ArrayList]$X $y.RemoveRange(1,2) As you can see the arrat has no brackets and no periods. IT HAS SEMICOLLINS TO SEPERATE THE LISTED ITEMS OR VALUES.