PT0-001 CompTIA PenTest+ Certification Exam

Question 1

DRAG DROP

A manager calls upon a tester to assist with diagnosing an issue within the following Python script:

#!/usr/bin/python
s = "Administrator"

The tester suspects it is an issue with string slicing and manipulation. Analyze the following code segment and drag and drop the correct output for each string manipulation to its corresponding code segment. Options may be used once or not at all.

Select and Place:

Answer is in the explanation below.

Question 2

SIMULATION

You are a penetration tester reviewing a client’s website through a web browser.

INSTRUCTIONS

Review all components of the website through the browser to determine if vulnerabilities are present.

Remediate ONLY the highest vulnerability from either the certificate, source, or cookies.

If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Answer is in the explanation below.

Question 3

A penetration tester is able to move laterally throughout a domain with minimal roadblocks after compromising a single workstation. Which of the following mitigation strategies would be BEST to recommend in the report? (Select THREE).

  • Randomize local administrator credentials for each machine.

  • Disable remote logons for local administrators.

  • Require multifactor authentication for all logins.

  • Increase minimum password complexity requirements.

  • Apply additional network access control.

  • Enable full-disk encryption on every workstation.

  • Segment each host into its own VLAN.