The purpose of this Sample Question Set is to provide you with information about the CompTIA PenTest+ exam. These sample questions will familiarize you with both the type and the difficulty level of the questions on the PT0-001 certification test. To get familiar with the real exam environment, we suggest you try our Sample CompTIA PenTest+ Certification Practice Exam. This sample practice exam simulates the real exam and gives you an idea of the questions asked in the actual CompTIA PenTest+ certification exam.
These sample questions are simple, basic questions that resemble the real CompTIA PT0-001 exam questions. To assess your readiness and performance with real-time, scenario-based questions, we suggest you prepare with our Premium CompTIA PenTest+ Certification Practice Exam. When you work through real-time, scenario-based questions in practice, you come across many difficulties that give you an opportunity to improve.
CompTIA PT0-001 Sample Questions:
01. Which of the following can be used with John the Ripper to crack passwords?
02. What elements should you be sure to remove from an exploited system before finalizing a penetration test?
a) User accounts created
b) Shells spawned
c) Any files left behind
d) Administrator account
03. When running an Nmap SYN scan, what will be the Nmap result if ports on the target device do not respond?
04. You can find XSS vulnerabilities in which of the following?
a) Search fields that echo a search string back to the user
b) HTTP headers
c) Input fields that echo user data
d) All of the above
05. A potential customer is looking to test the security of its network. One of the customer’s primary concerns is the security awareness of its employees.
Which type of test would you recommend that the company perform as part of the penetration test?
a) Social engineering testing
b) Wireless testing
c) Network testing
d) Web application testing
06. Which tool included in Kali is most helpful in compiling a quality penetration testing report?
07. Software developers should escape all characters (including spaces but excluding alphanumeric characters) with the HTML entity &#xHH; format to prevent what type of attack?
a) DDoS attacks
b) XSS attacks
c) CSRF attacks
d) Brute-force attacks
08. The SELinux and AppArmor security frameworks include enforcement rules that attempt to prevent which of the following attacks?
a) Lateral movement
b) Sandbox escape
c) Cross-site request forgery (CSRF)
d) Cross-site scripting (XSS)
09. A _______ vulnerability scan would typically be focused on a specific set of requirements.
10. Which of the following can be used for post-exploitation activities?
Answer: a, b, c
Note: If you find any error in these CompTIA PenTest+ (PT0-001) certification exam sample questions, please let us know by emailing email@example.com.