FreeQAs
 Request Exam  Contact
  • Home
  • View All Exams
  • New QA's
  • Upload
PRACTICE EXAMS:
  • Oracle
  • Fortinet
  • Juniper
  • Microsoft
  • Cisco
  • Citrix
  • CompTIA
  • VMware
  • ISC
  • SAP
  • EMC
  • PMI
  • HP
  • Salesforce
  • Other
  • Oracle
    Oracle
  • Fortinet
    Fortinet
  • Juniper
    Juniper
  • Microsoft
    Microsoft
  • Cisco
    Cisco
  • Citrix
    Citrix
  • CompTIA
    CompTIA
  • VMware
    VMware
  • ISC
    ISC
  • SAP
    SAP
  • EMC
    EMC
  • PMI
    PMI
  • HP
    HP
  • Salesforce
    Salesforce
  1. Home
  2. CompTIA Certification
  3. PT0-003 Exam
  4. CompTIA.PT0-003.v2026-01-26.q136 Dumps
  • ««
  • «
  • …
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • …
  • »
  • »»
Download Now

Question 46

A penetration tester is performing an assessment against a customer's web application that is hosted in a major cloud provider's environment. The penetration tester observes that the majority of the attacks attempted are being blocked by the organization's WAF. Which of the following attacks would be most likely to succeed?

Correct Answer: D
When a web application firewall (WAF) is blocking most of the attacks, a direct-to-origin attack is likely to succeed. A direct-to-origin attack targets the backend servers directly, bypassing the WAF. This type of attack exploits any functionality that allows direct access to the origin servers (backend servers) without passing through the WAF. Techniques such as manipulating DNS, exploiting misconfigurations, or using direct IP access can be employed to bypass the WAF, making direct-to- origin attacks effective under these circumstances.
insert code

Question 47

A penetration tester is conducting a wireless security assessment for a client with 2.4GHz and 5GHz access points. The tester places a wireless USB dongle in the laptop to start capturing WPA2 handshakes. Which of the following steps should the tester take next?

Correct Answer: A
Enabling monitoring mode on the wireless adapter is the essential step before capturing WPA2 handshakes.
Monitoring mode allows the adapter to capture all wireless traffic in its vicinity, which is necessary for capturing handshakes.
Preparation:
Wireless USB Dongle: Ensure the wireless USB dongle is compatible with monitoring mode and packet injection.
Aircrack-ng Suite: Use the Aircrack-ng suite, a popular set of tools for wireless network auditing.
Enable Monitoring Mode:
Command: Use the airmon-ng tool to enable monitoring mode on the wireless interface.
Step-by-Step Explanationairmon-ng start wlan0
Verify: Check if the interface is in monitoring mode.
iwconfig
Capture WPA2 Handshakes:
Airodump-ng: Use airodump-ng to start capturing traffic and handshakes.
airodump-ng wlan0mon
References from Pentesting Literature:
Enabling monitoring mode is a fundamental step in wireless penetration testing, discussed in guides like
"Penetration Testing - A Hands-on Introduction to Hacking".
HTB write-ups often start with enabling monitoring mode before proceeding with capturing WPA2 handshakes.
References:
Penetration Testing - A Hands-on Introduction to Hacking
HTB Official Writeups
insert code

Question 48

A penetration tester successfully gained access to manage resources and services within the company's cloud environment. This was achieved by exploiting poorly secured administrative credentials that had extensive permissions across the network. Which of the following credentials was the tester able to obtain?

Correct Answer: A
IAM (Identity and Access Management) credentials are used to control and manage access to cloud services and resources. When a penetration tester obtains IAM credentials, especially those with administrative privileges, they can perform high-level operations such as provisioning services, modifying configurations, or accessing sensitive data across the cloud environment.
* SSH keys would only grant access to a specific instance, not cloud-wide services.
* Cloud storage credentials are limited to storage access, not administrative capabilities.
* Temporary security credentials (STS) provide limited-time access and are not typically used for broad administrative tasks.
insert code

Question 49

A tester gains initial access to a server and needs to enumerate all corporate domain DNS records. Which of the following commands should the tester use?

Correct Answer: C
La opcion C, dig axfr @local.dns.server, realiza una transferencia de zona DNS (Zone Transfer). Si el servidor DNS esta mal configurado y permite este tipo de solicitudes, el atacante puede obtener todos los registros DNS del dominio interno.
La opcion A muestra solo registros A/AAAA. La B no hace enumeracion completa. La D no es valida como sintaxis.
Referencia: PT0-003 Objective 3.3 - Perform domain enumeration using dig and DNS zone transfer techniques.
insert code

Question 50

During an assessment, a penetration tester runs the following command:
setspn.exe -Q /
Which of the following attacks is the penetration tester preparing for?

Correct Answer: C
Kerberoasting is an attack that involves requesting service tickets for service accounts from a Kerberos service, extracting the service tickets, and attempting to crack them offline to retrieve the plaintext passwords.
* Understanding Kerberoasting:
* Purpose: To obtain service account passwords by cracking the encrypted service tickets (TGS tickets) offline.
* Service Principal Names (SPNs): SPNs are used in Kerberos authentication to uniquely identify a service instance.
* Command Breakdown:
* setspn.exe -Q /: This command queries all SPNs in the domain.
* Use Case: Identifying accounts with SPNs that can be targeted for Kerberoasting.
* Kerberoasting Steps:
* Identify SPNs: Use setspn.exe to list service accounts with SPNs.
* Request TGS Tickets: Request TGS tickets for the identified SPNs.
* Extract Tickets: Use tools like Mimikatz to extract the service tickets.
* Crack Tickets: Use password cracking tools like Hashcat to crack the extracted tickets offline.
* References from Pentesting Literature:
* Kerberoasting is a well-documented attack method in penetration testing guides, specifically targeting service accounts in Active Directory environments.
* HTB write-ups often detail the use of Kerberoasting for gaining credentials from service accounts.
Step-by-Step ExplanationReferences:
* Penetration Testing - A Hands-on Introduction to Hacking
* HTB Official Writeups
insert code
  • ««
  • «
  • …
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • …
  • »
  • »»
[×]

Download PDF File

Enter your email address to download CompTIA.PT0-003.v2026-01-26.q136 Dumps

Email:

FreeQAs

Our website provides the Largest and the most Latest vendors Certification Exam materials around the world.

Using dumps we provide to Pass the Exam, we has the Valid Dumps with passing guranteed just which you need.

  • DMCA
  • About
  • Contact Us
  • Privacy Policy
  • Terms & Conditions
©2026 FreeQAs

www.freeqas.com materials do not contain actual questions and answers from Cisco's certification exams.