
CompTIA PenTest+ (PT0-003) - 340 Questions

By Webmaster Certland

Practice exam for the CompTIA PenTest+ PT0-003 certification. Covers all 5 official exam domains: Engagement Management, Reconnaissance and Enumeration, Vulnerability Discovery and Analysis, Attacks and Exploits, and Post-Exploitation and Lateral Movement.


👁️ Free Preview (5 of 340 questions)

1. A penetration tester is about to begin an engagement for a financial services company. Before any testing begins, which document formally authorizes the tester to conduct offensive security activities against the client's systems?

A A signed Non-Disclosure Agreement (NDA)
B A signed Statement of Work (SoW) with explicit permission to test
C A signed Master Service Agreement (MSA)
D A signed project charter

2. A security consultant is preparing pre-engagement documentation for a new client. The client wants to ensure that any sensitive business information shared during the engagement remains confidential. Which document should the consultant prioritize obtaining FIRST?

A Non-Disclosure Agreement (NDA)
B Statement of Work (SoW)
C Rules of Engagement (RoE)
D Penetration testing report

3. A penetration tester is hired to assess a company that uses AWS-hosted infrastructure. The client provides written authorization for testing. Which additional step is MOST important before testing the cloud-hosted assets?

A Confirm the full IP range and asset list with the client
B Sign a mutual NDA with the client before proceeding
C Obtain explicit permission from the cloud provider per their penetration testing policy
D Deploy a vulnerability scanner immediately to baseline the environment

4. A penetration tester is scoping an engagement and the client wants to test all systems on the corporate network. Which element of the scoping process ensures the tester knows exactly which IP addresses and network ranges are authorized targets?

A Rules of Engagement (RoE)
B Target list with defined IP ranges and network CIDR blocks
C Non-Disclosure Agreement (NDA)
D Communication plan

5. During an engagement kickoff meeting, the client states that testing must not disrupt production systems during business hours. This restriction should be documented in which section of the pre-engagement paperwork?

A Rules of Engagement (RoE)
B Statement of Work (SoW)
C Non-Disclosure Agreement (NDA)
D Executive summary
