- Home
- CompTIA
- CompTIA PenTest+ Exam
- CompTIA.PT0-003.v2025-12-26.q113
- Question 110
Valid PT0-003 Dumps shared by ExamDiscuss.com for Helping Passing PT0-003 Exam! ExamDiscuss.com now offer the newest PT0-003 exam dumps, the ExamDiscuss.com PT0-003 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com PT0-003 dumps with Test Engine here:
Access PT0-003 Dumps Premium Version
(274 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 110/113
While performing reconnaissance, a penetration tester attempts to identify publicly accessible ICS (Industrial Control Systems) and IoT (Internet of Things) systems. Which of the following tools is most effective for this task?
Correct Answer: B
Shodan is a search engine that specializes in finding internet-connected devices, including ICS, IoT, webcams, routers, and servers. Attackers and security professionals use Shodan to scan for publicly accessible systems that may be vulnerable.
* Option A (theHarvester) #: theHarvester is primarily used for OSINT (Open-Source Intelligence) gathering, such as email addresses, subdomains, and hostnames, but it does not specialize in ICS/IoT discovery.
* Option B (Shodan) #: Correct. Shodan scans the internet for connected devices and services, allowing penetration testers to find ICS/IoT systems that are exposed.
* Option C (Amass) #: Amass is used for subdomain enumeration and DNS reconnaissance, not for ICS or IoT discovery.
* Option D (Nmap) #: Nmap is a port scanner that can identify live hosts and open ports, but it does not search for publicly available systems on a large scale like Shodan.
# Reference: CompTIA PenTest+ PT0-003 Official Guide - OSINT and Reconnaissance
* Option A (theHarvester) #: theHarvester is primarily used for OSINT (Open-Source Intelligence) gathering, such as email addresses, subdomains, and hostnames, but it does not specialize in ICS/IoT discovery.
* Option B (Shodan) #: Correct. Shodan scans the internet for connected devices and services, allowing penetration testers to find ICS/IoT systems that are exposed.
* Option C (Amass) #: Amass is used for subdomain enumeration and DNS reconnaissance, not for ICS or IoT discovery.
* Option D (Nmap) #: Nmap is a port scanner that can identify live hosts and open ports, but it does not search for publicly available systems on a large scale like Shodan.
# Reference: CompTIA PenTest+ PT0-003 Official Guide - OSINT and Reconnaissance
- Question List (113q)
- Question 1: Given the following script: $1 = [System.Security.Principal....
- Question 2: Which of the following is most important when communicating ...
- Question 3: During a security assessment, a penetration tester uses a to...
- Question 4: During an engagement, a penetration tester wants to enumerat...
- Question 5: A penetration tester currently conducts phishing reconnaissa...
- Question 6: A penetration tester successfully gained access to manage re...
- Question 7: A penetration tester wants to use PowerView in an AD environ...
- Question 8: Which of the following is within the scope of proper handlin...
- Question 9: During a penetration test, you gain access to a system with ...
- Question 10: Which of the following is the most efficient way to infiltra...
- Question 11: During a testing engagement, a penetration tester compromise...
- Question 12: A penetration tester needs to confirm the version number of ...
- Question 13: During an assessment, a penetration tester obtains access to...
- Question 14: A penetration tester needs to obtain sensitive data from sev...
- Question 15: A penetration tester creates a list of target domains that r...
- Question 16: A penetration tester is enumerating a Linux system. The goal...
- Question 17: A penetration tester needs to evaluate the order in which th...
- Question 18: A penetration tester needs to exploit a vulnerability in a w...
- Question 19: During a pre-engagement activity with a new customer, a pene...
- Question 20: A penetration tester is testing a power plant's network and ...
- Question 21: During an assessment, a penetration tester sends the followi...
- Question 22: A penetration tester is authorized to perform a DoS attack a...
- Question 23: During a vulnerability assessment, a penetration tester conf...
- Question 24: During a penetration test, the tester identifies several unu...
- Question 25: During a penetration test, a tester captures information abo...
- Question 26: During an assessment, a penetration tester exploits an SQLi ...
- Question 27: While conducting an assessment, a penetration tester identif...
- Question 28: A penetration tester needs to help create a threat model of ...
- Question 29: A penetration tester runs a network scan but has some issues...
- Question 30: During an assessment, a penetration tester runs the followin...
- Question 31: Which of the following could be used to enhance the quality ...
- Question 32: During an assessment, a penetration tester obtains a low-pri...
- Question 33: A penetration tester is getting ready to conduct a vulnerabi...
- Question 34: A penetration tester is performing a security review of a we...
- Question 35: A tester needs to begin capturing WLAN credentials for crack...
- Question 36: A penetration tester has discovered sensitive files on a sys...
- Question 37: A consultant starts a network penetration test. The consulta...
- Question 38: A penetration tester finished a security scan and uncovered ...
- Question 39: A company hires a penetration tester to perform an external ...
- Question 40: A penetration tester is performing an authorized physical as...
- Question 41: A tester is working on an engagement that has evasion and st...
- Question 42: A penetration tester wants to maintain access to a compromis...
- Question 43: A penetration tester successfully clones a source code repos...
- Question 44: Which of the following is within the scope of proper handlin...
- Question 45: A penetration tester performs a service enumeration process ...
- Question 46: A penetration tester must identify vulnerabilities within an...
- Question 47: During a red-team exercise, a penetration tester obtains an ...
- Question 48: During a pre-engagement activity with a new customer, a pene...
- Question 49: During a security assessment, a penetration tester gains acc...
- Question 50: A penetration tester is performing an assessment focused on ...
- Question 51: A penetration tester wants to create a malicious QR code to ...
- Question 52: Which of the following techniques is the best way to avoid d...
- Question 53: A penetration testing team wants to conduct DNS lookups for ...
- Question 54: You are a security analyst tasked with hardening a web serve...
- Question 55: During a red-team exercise, a penetration tester obtains an ...
- Question 56: A penetration tester finishes a security scan and uncovers n...
- Question 57: A penetration tester is searching for vulnerabilities or mis...
- Question 58: A penetration tester reviews a SAST vulnerability scan repor...
- Question 59: Which of the following elements in a lock should be aligned ...
- Question 60: A penetration tester gains initial access to a target system...
- Question 61: Which of the following elements of a penetration test report...
- Question 62: While conducting OSINT, a penetration tester discovers the c...
- Question 63: A penetration tester finished a security scan and uncovered ...
- Question 64: During an assessment, a penetration tester runs the followin...
- Question 65: A penetration tester cannot complete a full vulnerability sc...
- Question 66: A penetration tester needs to evaluate the order in which th...
- Question 67: Which of the following explains the reason a tester would op...
- Question 68: A penetration tester is developing the rules of engagement f...
- Question 69: A penetration tester wants to send a specific network packet...
- Question 70: A penetration tester is researching a path to escalate privi...
- Question 71: A penetration tester attempts unauthorized entry to the comp...
- Question 72: A penetration tester identifies the URL for an internal admi...
- Question 73: A penetration tester observes the following output from an N...
- Question 74: A previous penetration test report identified a host with vu...
- Question 75: With one day left to complete the testing phase of an engage...
- Question 76: A penetration tester completes a scan and sees the following...
- Question 77: A penetration tester is attempting to discover vulnerabiliti...
- Question 78: During host discovery, a security analyst wants to obtain Ge...
- Question 79: A penetration tester gains access to a domain server and wan...
- Question 80: During a routine penetration test, the client's security tea...
- Question 81: A penetration tester needs to scan a remote infrastructure w...
- Question 82: A penetration tester needs to complete cleanup activities fr...
- Question 83: During an assessment, a penetration tester gains a low-privi...
- Question 84: A penetration tester writes the following script to enumerat...
- Question 85: During an engagement, a penetration tester found some weakne...
- Question 86: A penetration tester performs a service enumeration process ...
- Question 87: A penetration tester gains initial access to an endpoint and...
- Question 88: A tester performs a vulnerability scan and identifies severa...
- Question 89: A penetration tester performs several Nmap scans against the...
- Question 90: During an assessment, a penetration tester obtains access to...
- Question 91: A penetration tester sets up a C2 (Command and Control) serv...
- Question 92: A penetration tester is configuring a vulnerability manageme...
- Question 93: A penetration tester gains access to a Windows machine and w...
- Question 94: A penetration tester is working on an engagement in which a ...
- Question 95: A penetration tester is evaluating a SCADA system. The teste...
- Question 96: A penetration tester cannot find information on the target c...
- Question 97: A penetration tester is getting ready to conduct a vulnerabi...
- Question 98: A client recently hired a penetration testing firm to conduc...
- Question 99: A penetration tester runs a vulnerability scan that identifi...
- Question 100: After a recent penetration test was conducted by the company...
- Question 101: A penetration tester is conducting reconnaissance on a targe...
- Question 102: A penetration tester wants to check the security awareness o...
- Question 103: A penetration testing team needs to determine whether it is ...
- Question 104: A penetration tester is conducting an assessment of a web ap...
- Question 105: While performing a penetration test, a tester executes the f...
- Question 106: A penetration tester is performing a cloud-based penetration...
- Question 107: A penetration tester writes a Bash script to automate the ex...
- Question 108: A penetration tester discovers data to stage and exfiltrate....
- Question 109: During a penetration testing exercise, a team decides to use...
- Question 110: While performing reconnaissance, a penetration tester attemp...
- Question 111: During a security assessment of an e-commerce website, a pen...
- Question 112: A penetration tester is compiling the final report for a rec...
- Question 113: A penetration tester gains access to a host but does not hav...
