PT0-003 Practice Exam Questions and Answers

While conducting a reconnaissance activity, a penetration tester extracts the following information:

Emails: - admin@acme.com - sales@acme.com - support@acme.com

Which of the following risks should the tester use to leverage an attack as the next step in the security assessment?

While performing an internal assessment, a tester uses the following command:

crackmapexec smb 192.168.1.0/24 -u user.txt -p Summer123@

Which of the following is the main purpose of the command?

A penetration tester is conducting a vulnerability scan. The tester wants to see any vulnerabilities that may be visible from outside of the organization. Which of the following scans should the penetration tester perform?

A penetration tester finished a security scan and uncovered numerous vulnerabilities on several hosts. Based on the targets' EPSS and CVSS scores, which of the following targets is the most likely to get attacked?

A penetration tester needs to confirm the version number of a client's web application server. Which of the following techniques should the penetration tester use?

During an assessment, a penetration tester runs the following command:

setspn.exe -Q /

Which of the following attacks is the penetration tester preparing for?

Given the following statements:

Implement a web application firewall.

Upgrade end-of-life operating systems.

Implement a secure software development life cycle.

In which of the following sections of a penetration test report would the above statements be found?

dnscmd.exe /config /serverlevelplugindll C:\users\necad-TA\Documents\adduser.dll

Which of the following is the penetration tester trying to achieve?