Comptia certification-questions online Pt0-003 Questions Video by Dean q60 vce pdf

Page: 14 / 18

Exam Name:	CompTIA PenTest+ Exam
Exam Code:	PT0-003 Dumps
Vendor:	CompTIA	Certification:	PenTest+
Questions:	252 Q&A's	Shared By:	dean

Question 56

A penetration tester presents the following findings to stakeholders:

Control | Number of findings | Risk | Notes

Encryption | 1 | Low | Weak algorithm noted

Patching | 8 | Medium | Unsupported systems

System hardening | 2 | Low | Baseline drift observed

Secure SDLC | 10 | High | Libraries have vulnerabilities

Password policy | 0 | Low | No exceptions noted

Based on the findings, which of the following recommendations should the tester make? (Select two).

Options:

Develop a secure encryption algorithm.

Deploy an asset management system.

Write an SDLC policy.

Implement an SCA tool.

Obtain the latest library version.

Patch the libraries.

Discussion

Answer:

D, E

Explanation:

Based on the findings, the focus should be on addressing vulnerabilities in libraries and ensuring their security. Here’s why options D and E are correct:

Implement an SCA Tool:

SCA (Software Composition Analysis) tools are designed to analyze and manage open-source components in an application. Implementing an SCA tool would help in identifying and managing vulnerabilities in libraries, aligning with the finding of vulnerable libraries in the secure SDLC process.

This recommendation addresses the high-risk finding related to the Secure SDLC by providing a systematic approach to manage and mitigate vulnerabilities in software dependencies.

Obtain the Latest Library Version:

Keeping libraries up to date is a fundamental practice in maintaining the security of an application. Ensuring that the latest, most secure versions of libraries are used directly addresses the high-risk finding related to vulnerable libraries.

This recommendation is a direct and immediate action to mitigate the identified vulnerabilities.

Other Options Analysis:

Develop a Secure Encryption Algorithm: This is not practical or necessary given that the issue is with the use of a weak algorithm, not the need to develop a new one.

Deploy an Asset Management System: While useful, this is not directly related to the identified high-risk issue of vulnerable libraries.

Write an SDLC Policy: While helpful, the more immediate and effective actions involve implementing tools and processes to manage and update libraries.

References from Pentest:

Horizontall HTB: Demonstrates the importance of managing software dependencies and using tools to identify and mitigate vulnerabilities in libraries.

Writeup HTB: Highlights the need for keeping libraries updated to ensure application security and mitigate risks.

Conclusion:

Options D and E, implementing an SCA tool and obtaining the latest library version, are the most appropriate recommendations to address the high-risk finding related to vulnerable libraries in the Secure SDLC process.

=================

Alaya

Best Dumps among other dumps providers. I like it so much because of their authenticity.

Kaiden Sep 25, 2025

That's great. I've used other dump providers in the past and they were often outdated or had incorrect information. This time I will try it.

Lois

I passed my exam with wonderful score. Their dumps are 100% valid and I felt confident during the exam.

Ernie Sep 5, 2025

Absolutely. The best part is, the answers in the dumps were correct. So, I felt confident and well-prepared for the exam.

Laila

They're such a great resource for anyone who wants to improve their exam results. I used these dumps and passed my exam!! Happy customer, always prefer. Yes, same questions as above I know you guys are perfect.

Keira Sep 3, 2025

100% right….And they're so affordable too. It's amazing how much value you get for the price.

Miriam

Highly recommended Dumps. 100% authentic and reliable. Passed my exam with wonderful score.

Milan Sep 7, 2025

I see. Thanks for the information. I'll definitely keep Cramkey in mind for my next exam.

Vienna

I highly recommend them. They are offering exact questions that we need to prepare our exam.

Jensen Sep 25, 2025

That's great. I think I'll give Cramkey a try next time I take a certification exam. Thanks for the recommendation!

Question 57

A penetration tester runs a network scan but has some issues accurately enumerating the vulnerabilities due to the following error:

OS identification failed

Which of the following is most likely causing this error?

Options:

The scan did not reach the target because of a firewall block rule.

The scanner database is out of date.

The scan is reporting a false positive.

The scan cannot gather one or more fingerprints from the target.

Discussion

Question 58

Which of the following will reduce the possibility of introducing errors or bias in a penetration test report?

Options:

Secure distribution

Peer review

Use AI

Goal reprioritization

Discussion

Question 59

A penetration tester aims to exploit a vulnerability in a wireless network that lacks proper encryption. The lack of proper encryption allows malicious content to infiltrate the network. Which of the following techniques would most likely achieve the goal?

Options:

Packet injection

Bluejacking

Beacon flooding

Signal jamming