| Exam Name: | CompTIA PenTest+ Exam | ||
| Exam Code: | PT0-003 Dumps | ||
| Vendor: | CompTIA | Certification: | PenTest+ |
| Questions: | 330 Q&A's | Shared By: | dean |
A penetration tester receives the following output when enumerating a local user:
User compromised_user may run the following commands on localhost:
root (NO PASSWD): /bin/vim
The tester suspects that another host on the same subnet is also vulnerable. Which of the following is the best method to validate whether the other host is vulnerable?
During a vulnerability assessment, a penetration tester configures the scanner sensor and performs the initial vulnerability scanning under the client ' s internal network. The tester later discusses the results with the client, but the client does not accept the results. The client indicates the host and assets that were within scope are not included in the vulnerability scan results. Which of the following should the tester have done?
During a penetration test, the tester gains full access to the application ' s source code. The application repository includes thousands of code files. Given that the assessment timeline is very short, which of the following approaches would allow the tester to identify hard-coded credentials most effectively?
A penetration tester completed OSINT work and needs to identify all subdomains for mydomain.com. Which of the following is the best command for the tester to use?