Free · 6 practice questions · Cybersecurity

CompTIA PenTest+ practice questions.

6 scenario-based questions covering every domain on the exam blueprint. Original DecipherU writing with primary-source citations, not exam-question mimicry. Free to read. Pair with the $147 cert-prep add-on for domain reviews and exam-day strategy.

Read the CompTIA PenTest+ exam overview See parent course

Layered on devsecops fundamentals

CompTIA PenTest+ Exam Prep Add-On

PenTest+ PT0-003 exam-ready ramp covering the full engagement lifecycle (scoping, reconnaissance, exploitation, post-exploitation, reporting). Four domain reviews, four PBQ mock exams, and worked scoping documents in the format hiring teams actually use.

Buy the prep · $147 See parent course

Question 1 of 6Domain · Planning and Scoping

A penetration tester is reviewing the Statement of Work. The client wants Active Directory testing but not testing of the cloud production environment. The cloud environment shares some authentication with on-premises AD. What is the appropriate scoping action?

Pick a letter to enable reveal

Question 2 of 6Domain · Information Gathering and Vulnerability Scanning

A tester is doing passive reconnaissance and wants to inventory the target's exposed cloud assets without sending packets directly to the target. Which combination is most appropriate?

Pick a letter to enable reveal

Question 3 of 6Domain · Attacks and Exploits

A tester has captured a Service Principal Name (SPN) ticket in an Active Directory environment. They want to crack the ticket offline to recover the service account's plaintext password. Which attack is this?

Pick a letter to enable reveal

Question 4 of 6Domain · Attacks and Exploits

An AWS EC2 instance is reachable via SSRF from a vulnerable web application. The tester wants to retrieve the IAM credentials the EC2 instance uses. Which endpoint should the SSRF target?

Pick a letter to enable reveal

Question 5 of 6Domain · Reporting and Communication

A tester discovers a critical SQL injection during an engagement. The vulnerability is in a production system and clearly exploitable to extract customer PII. What is the appropriate immediate action?

Pick a letter to enable reveal

Question 6 of 6Domain · Attacks and Exploits

A web application accepts a `id` query parameter that is concatenated into a SQL query without parameterization. The tester wants to confirm vulnerability and determine the back-end database type. Which approach is the canonical first step?

Pick a letter to enable reveal

Liked these 6? Get the full prep.

CompTIA PenTest+ Exam Prep Add-On

Adds exam-blueprint domain reviews, exam-day strategy, the authorized study resources, and the gated practice scenarios behind purchase. $147 on top of the parent course. Verified against the official blueprint 2026-05-22.

Buy the prep · $147 Today's daily question

Other cert practice sets. Sixteen more cert-prep modules ship with practice question sets:

Get cybersecurity career insights delivered weekly

Join cybersecurity professionals receiving weekly intelligence on threats, job market trends, salary data, and career growth strategies.

By subscribing you agree to our privacy policy. Unsubscribe anytime.