Skip to main content
CompTIA ⭐ Premium ⭐ Featured

CompTIA PenTest+ (PT0-003)

By Webmaster Certland English 📝 340 questions ❤️ 0 likes

Practice exam for the CompTIA PenTest+ PT0-003 certification. Covers all 5 official exam domains: Engagement Management, Reconnaissance and Enumeration, Vulnerability Discovery and Analysis, Attacks and Exploits, and Post-Exploitation and Lateral Movement.

⭐ Premium Updated Mar 2026

Unlock all 340 CompTIA PenTest+ (PT0-003) questions

Full simulation · Detailed explanations · Unlimited attempts

  • 340 questions — ~5 full-length simulations
  • Detailed explanations — why each answer is right or wrong
  • Unlimited attempts — retake as many times as needed
  • Smart Practice + Focus Mode + no ads
340
Questions
All certifications
from $4.90/mo
⭐ Get Premium — $4.90/mo ▶ Try 5 questions free

Sample Questions — CompTIA PenTest+ (PT0-003)

5 free sample questions from this practice exam. Correct answers are highlighted.

1. A penetration tester is about to begin an engagement for a financial services company. Before any testing begins, which document formally authorizes the tester to conduct offensive security activities against the client's systems?

A A signed Non-Disclosure Agreement (NDA)
B A signed Statement of Work (SoW) with explicit permission to test ✓ Correct
C A signed Master Service Agreement (MSA)
D A signed project charter

2. A security consultant is preparing pre-engagement documentation for a new client. The client wants to ensure that any sensitive business information shared during the engagement remains confidential. Which document should the consultant prioritize obtaining FIRST?

A Non-Disclosure Agreement (NDA) ✓ Correct
B Statement of Work (SoW)
C Rules of Engagement (RoE)
D Penetration testing report

3. A penetration tester is hired to assess a company that uses AWS-hosted infrastructure. The client provides written authorization for testing. Which additional step is MOST important before testing the cloud-hosted assets?

A Confirm the full IP range and asset list with the client
B Sign a mutual NDA with the client before proceeding
C Obtain explicit permission from the cloud provider per their penetration testing policy ✓ Correct
D Deploy a vulnerability scanner immediately to baseline the environment

4. A penetration tester is scoping an engagement and the client wants to test all systems on the corporate network. Which element of the scoping process ensures the tester knows exactly which IP addresses and network ranges are authorized targets?

A Rules of Engagement (RoE)
B Target list with defined IP ranges and network CIDR blocks ✓ Correct
C Non-Disclosure Agreement (NDA)
D Communication plan

5. During an engagement kickoff meeting, the client states that testing must not disrupt production systems during business hours. This restriction should be documented in which section of the pre-engagement paperwork?

A Rules of Engagement (RoE) ✓ Correct
B Statement of Work (SoW)
C Non-Disclosure Agreement (NDA)
D Executive summary

Want to test yourself for real?

Create a free account and run our exam simulation engine.

Free No credit card
  • Simulation engine
  • Up to 10 questions per attempt
  • Score & basic stats
Create free account Already have an account? Sign in
Best
Premium Premium
  • All 340 questions
  • Detailed explanations
  • Smart Practice + Focus Mode
⭐ Get Premium

Information

Questions 340
Time 2h 45min
Difficulty Hard
Minimum Score 75.00%
▶ Try 5 questions — no account needed ⭐ Unlock all questions — Premium 🤍 Like

💰 ROI

Official exam $404.00
CertLand $4.90/mo
Prepare for $404 for less than a coffee/mo

Study Guides & Articles

Free

How to Pass CompTIA PenTest+ (PT0-003) in 2026: Complete Study Guide

PenTest+ PT0-003 is CompTIA's updated penetration testing certification with new coverage of AI/ML security testing, cloud pen testing, and API vulnerabilities. This guide covers all 5 domains, what changed from PT0-002, and an 8-week study plan with hands-on lab recommendations.
⭐ Premium

PenTest+ Deep Dive: Exploitation Techniques, Post-Exploitation, and Lateral Movement

Attacks and Exploits (23%) and Post-Exploitation and Lateral Movement (21%) are the highest-weight PenTest+ domains. This guide covers web application attacks, privilege escalation techniques, lateral movement methods, pivoting, persistence mechanisms, and the tools the exam expects you to know.
⭐ Premium

CompTIA PenTest+ PT0-003 Exam Traps: Tools, Reporting & Legal Gotchas

Avoid the most common PenTest+ PT0-003 mistakes. Learn which tools, reporting formats, and legal concepts trip up candidates on exam day.

Related Exams

⭐ Premium

CompTIA A+ Core 1 (220-1201)

340 questions · English
⭐ Premium

CompTIA A+ Core 2 (220-1202)

340 questions · English
⭐ Premium

CompTIA Network+ (N10-009)

340 questions · English
⭐ Premium

CompTIA Security+ (SY0-701)

340 questions · English

Discussion

No comments yet. Be the first to start the discussion!

Sign in to join the discussion.