CompTIA PenTest+ Certification Exam

Here you have the best CompTIA PT0-001 practice exam questions

You have 196 total questions to study from
Each page has 5 questions, making a total of 40 pages
You can navigate through the pages using the buttons at the bottom
This questions were last updated on October 28, 2025
This site is not affiliated with or endorsed by CompTIA.

Question 1 of 196

DRAG DROP -
Place each of the following passwords in order of complexity from least complex (1) to most complex (4), based on the character sets represented. Each password may be used only once.
Select and Place:
Exam PT0-001: Question 1 - Image 1

Correct Answer:

Question 2 of 196

DRAG DROP -
A manager calls upon a tester to assist with diagnosing an issue within the following Python script:
#!/usr/bin/python
s = `Administrator`
The tester suspects it is an issue with string slicing and manipulation. Analyze the following code segment and drag and drop the correct output for each string manipulation to its corresponding code segment. Options may be used once or not at all.
Select and Place:
Exam PT0-001: Question 2 - Image 1

Correct Answer:

Question 3 of 196

A penetration tester has compromised a Windows server and is attempting to achieve persistence. Which of the following would achieve that goal?

schtasks.exe /create/tr ג€powershell.exeג€ Sv.ps1 /run

net session server | dsquery -user | net use c$

powershell && set-executionpolicy unrestricted

reg save HKLM\System\CurrentControlSet\Services\Sv.reg

Correct Answer: A

A penetration tester attempting to achieve persistence on a compromised Windows server would likely use the Task Scheduler (schtasks.exe) to create a task that runs a script or executable at specific intervals or events, such as system startup or user logon. The command 'schtasks.exe /create' is used to set up such scheduled tasks. This method ensures that the malicious code will be executed repeatedly, thus maintaining persistence even after system reboots. While the option provided is not entirely correct, it indicates an intention to create a scheduled task, which is a common method for achieving persistence.

Question 4 of 196

A client has scheduled a wireless penetration test. Which of the following describes the scoping target information MOST likely needed before testing can begin?

The physical location and network ESSIDs to be tested

The number of wireless devices owned by the client

The client's preferred wireless access point vendor

The bands and frequencies used by the client's devices

Correct Answer: A

Before conducting a wireless penetration test, it is essential to know the physical location and the network ESSIDs to be tested. This ensures that the tester targets the correct network and avoids any legal issues that could arise from inadvertently accessing unauthorized or neighboring networks. Knowing the exact network ESSIDs helps in identifying the correct access points, especially in environments where multiple networks might be present.

Question 5 of 196

Which of the following BEST describes some significant security weaknesses with an ICS, such as those used in electrical utility facilities, natural gas facilities, dams, and nuclear facilities?

ICS vendors are slow to implement adequate security controls.

ICS staff are not adequately trained to perform basic duties.

There is a scarcity of replacement equipment for critical devices.

There is a lack of compliance for ICS facilities.

Correct Answer: A

ICS vendors are slow to implement adequate security controls. This aligns with well-documented issues in the field where vendors take a significant amount of time to address and patch vulnerabilities. Furthermore, security weaknesses in ICS often stem from inadequate input validation, poor access controls, and issues with security configuration, all of which fall under the purview of vendors. Therefore, the slow response by vendors in implementing necessary security measures represents a significant weakness.