Free CompTIA Pentest+ Practice Questions
CompTIA PenTest+ is an intermediate cybersecurity certification that validates your ability to plan, scope, and execute penetration tests against networks, web applications, cloud environments, and AI systems.
Sample questions: 10
Exam time limit: 165 min
Passing score: 70%
Sample Practice Questions
The following questions are a preview of the type of syllabus-aligned questions you will practise in CertCrush. They reflect the format and reasoning style of the CompTIA Pentest+ exam — not actual exam content.
Q1. A penetration tester performs a WHOIS lookup against a target domain. Which pieces of information are MOST likely to be obtained from this query? (Select TWO)
- A. Registrant contact information and registration dates
- B. Authoritative name servers for the domain
- C. Internal IP address ranges of the corporate network
- D. SSL/TLS certificate private keys
- E. Running service versions on the web server
Domain: Reconnaissance and Enumeration
Q2. During a penetration test, the tester needs to determine the specific software version running on port 443 of a target web server. Which Nmap flag is MOST appropriate?
- A. nmap -sV target -p 443
- B. nmap -O target -p 443
- C. nmap -sn target
- D. nmap -Pn target -p 443
Domain: Reconnaissance and Enumeration
Q3. A penetration tester runs the command: dig axfr @ns1.target.com target.com. The command returns a complete list of DNS records for the target domain. What has the tester successfully performed?
- A. A DNS zone transfer
- B. A DNS cache poisoning attack
- C. A reverse DNS brute force
- D. A DNS amplification attack
Domain: Reconnaissance and Enumeration
Q4. A penetration tester needs to quickly identify all live hosts on a /24 subnet without performing port scanning. Which Nmap command achieves this?
- A. nmap -sn 192.168.1.0/24
- B. nmap -sS 192.168.1.0/24
- C. nmap -sV 192.168.1.0/24
- D. nmap -p- 192.168.1.0/24
Domain: Reconnaissance and Enumeration
Q5. A penetration tester finds a potential exploit for a target service using searchsploit and wants to copy the exploit file to the current working directory for modification. Which searchsploit flag should be used?
- A. searchsploit -m 12345
- B. searchsploit -x 12345
- C. searchsploit -p 12345
- D. searchsploit -w 12345
Domain: Attacks and Exploits
Frequently Asked Questions
What is included in the free CompTIA Pentest+ sample?
The free sample includes 10 syllabus-aligned practice questions, sample flashcards, and a preview chapter from the study guide. No account or payment is required to try the sample.
How many questions are in the full CompTIA Pentest+ course?
The full course includes a comprehensive question bank covering all exam domains. You can see the total question count on the CompTIA Pentest+ course page.
Are these official CompTIA exam questions?
No. CertCrush questions are independently written and syllabus-aligned — they mirror the format, difficulty, and reasoning style of the official exam. We are not affiliated with or endorsed by CompTIA.
Which domains does the CompTIA Pentest+ course cover?
The course covers 5 exam domains: Engagement Management, Reconnaissance and Enumeration, Vulnerability Discovery and Analysis, Attacks and Exploits, Post-Exploitation and Lateral Movement.
Can I study on mobile?
Yes. CertCrush is fully responsive and works on phones, tablets, and desktops. The timed exam, flashcards, and study guide all work on mobile without installing an app.
What happens when I create an account?
Creating a free account lets you access full courses, track your weak areas by domain, and resume practice sessions across devices. No credit card is required to register.