Summer Special Limited Time 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: big60

CompTIA Updated PT0-003 Exam Questions and Answers by tony

Page: 3 / 18

CompTIA PT0-003 Exam Overview :

Exam Name: CompTIA PenTest+ Exam
Exam Code: PT0-003 Dumps
Vendor: CompTIA Certification: PenTest+
Questions: 252 Q&A's Shared By: tony
Question 12

A penetration tester identifies the following open ports during a network enumeration scan:

PORT STATE SERVICE

22/tcp open ssh

80/tcp open http

111/tcp open rpcbind

443/tcp open https

27017/tcp open mongodb

50123/tcp open ms-rpc

Which of the following commands did the tester use to get this output?

Options:

A.

nmap -Pn -A 10.10.10.10

B.

nmap -sV 10.10.10.10

C.

nmap -Pn -w 10.10.10.10

D.

nmap -sV -Pn -p- 10.10.10.10

Discussion
Question 13

Which of the following are valid reasons for including base, temporal, and environmental CVSS metrics in the findings section of a penetration testing report? (Select two).

Options:

A.

Providing details on how to remediate vulnerabilities

B.

Helping to prioritize remediation based on threat context

C.

Including links to the proof-of-concept exploit itself

D.

Providing information on attack complexity and vector

E.

Prioritizing compliance information needed for an audit

F.

Adding risk levels to each asset

Discussion
Question 14

During an external penetration test, a tester receives the following output from a tool:

test.comptia.org

info.comptia.org

vpn.comptia.org

exam.comptia.org

Which of the following commands did the tester most likely run to get these results?

Options:

A.

nslookup -type=SOA comptia.org

B.

amass enum -passive -d comptia.org

C.

nmap -Pn -sV -vv -A comptia.org

D.

shodan host comptia.org

Discussion
Marley
Hey, I heard the good news. I passed the certification exam!
Jaxson Aug 11, 2025
Yes, I passed too! And I have to say, I couldn't have done it without Cramkey Dumps.
Walter
Yayyy!!! I passed my exam with the help of Cramkey Dumps. Highly appreciated!!!!
Angus Aug 25, 2025
YES….. I saw the same questions in the exam.
Inaaya
Are these Dumps worth buying?
Fraser Aug 12, 2025
Yes, of course, they are necessary to pass the exam. They give you an insight into the types of questions that could come up and help you prepare effectively.
Nia
Why are these Dumps so important for students these days?
Mary Aug 9, 2025
With the constantly changing technology and advancements in the industry, it's important for students to have access to accurate and valid study material. Cramkey Dumps provide just that. They are constantly updated to reflect the latest changes and ensure that the information is up-to-date.
Question 15

A penetration tester is performing a cloud-based penetration test against a company. Stakeholders have indicated the priority is to see if the tester can get into privileged systems that are not directly accessible from the internet. Given the following scanner information:

Server-side request forgery (SSRF) vulnerability in test.comptia.org

Reflected cross-site scripting (XSS) vulnerability in test2.comptia.org

Publicly accessible storage system named static_comptia_assets

SSH port 22 open to the internet on test3.comptia.org

Open redirect vulnerability in test4.comptia.org

Which of the following attack paths should the tester prioritize first?

Options:

A.

Synchronize all the information from the public bucket and scan it with Trufflehog.

B.

Run Pacu to enumerate permissions and roles within the cloud-based systems.

C.

Perform a full dictionary brute-force attack against the open SSH service using Hydra.

D.

Use the reflected cross-site scripting attack within a phishing campaign to attack administrators.

E.

Leverage the SSRF to gain access to credentials from the metadata service.

Discussion
Page: 3 / 18

PT0-003
PDF

$42  $104.99

PT0-003 Testing Engine

$50  $124.99

PT0-003 PDF + Testing Engine

$66  $164.99