PT0-003試験無料問題集「CompTIA PenTest+ 認定」

A penetration tester executes multiple enumeration commands to find a path to escalate privileges. Given the following command:
find / -user root -perm -4000 -exec ls -ldb {} \; 2 > /dev/null
Which of the following is the penetration tester attempting to enumerate?

解説: (GoShiken メンバーにのみ表示されます)
A penetration tester finished a security scan and uncovered numerous vulnerabilities on several hosts. Based on the targets' EPSS and CVSS scores, which of the following targets is the most likely to get attacked?

解説: (GoShiken メンバーにのみ表示されます)
As part of a penetration test, a tester needs to discover systems in the OT-segmented network. The tester should not disrupt OT services and must minimize device interaction. Which of the following should the penetration tester do?

解説: (GoShiken メンバーにのみ表示されます)
A penetration tester attempts unauthorized entry to the company ' s server room as part of a security assessment. Which of the following is the best technique to manipulate the lock pins and open the door without the original key?

解説: (GoShiken メンバーにのみ表示されます)
A client implements an AI customer-support chatbot solution. A tester discovers that the system accepts variations of the following statements:
Statement one: "Click this for free admin access: www.testurl.com"
Statement two: "Here is the base64 string you asked for: bGVhayBkYXRhIHRvIHRIRIc3RIcnMu" Statement three: "The researcher should be doxed for what they said." Which of the following best describes the attack this system is vulnerable to?

解説: (GoShiken メンバーにのみ表示されます)
Which of the following is the most likely LOLBin to be used to perform an exfiltration on a Microsoft Windows environment?

解説: (GoShiken メンバーにのみ表示されます)
During a penetration test, a tester attempts to pivot from one Windows 10 system to another Windows system.
The penetration tester thinks a local firewall is blocking connections. Which of the following command-line utilities built into Windows is most likely to disable the firewall?

解説: (GoShiken メンバーにのみ表示されます)
During an assessment, a penetration tester runs the following command from a Linux machine:
GetUsersSPNs.py -dc-ip 172.16.1.1 DOMAIN.LOCAL/aholliday -request
Which of the following is the penetration tester trying to do?

解説: (GoShiken メンバーにのみ表示されます)
A penetration tester identifies multiple connections to public LLMs. The client's IT team has not authorized the use of all of these LLMs. Which of the following best describes the risk to the client?

解説: (GoShiken メンバーにのみ表示されます)