Question 20 - Top CompTIA Pentest+ PT0-003 Real Exam Questions [March 2026 Update]

Q: 20

[Information Gathering and Vulnerability Scanning] During a penetration test, the tester uses a vulnerability scanner to collect information about any possible vulnerabilities that could be used to compromise the network. The tester receives the results and then executes the following command:

snmpwalk -v 2c -c public 192.168.1.23

Which of the following is the tester trying to do based on the command they used?

Options

Discussion

Ishaan G. Mar 4, 2026 6:16 am

D . Running snmpwalk right after a scan is classic for checking if a vulnerability is legit, especially with that public community string. It's not exploiting, just confirming the finding. Makes sense to me-anyone see it differently?

Arjun D. Feb 19, 2026 6:07 am

Option D not C. Using snmpwalk here is about checking the vulnerability flagged in the scan, not exploiting it.

SeasonedEngineer2427 Feb 21, 2026 9:10 pm

Probably D, not C. snmpwalk isn't scripting an exploit here, it's just used to confirm if the scan result is a true positive or a false hit. Used a few times in practice tests myself.

Rowan N. Feb 14, 2026 11:57 pm

C/D? I see why D fits but using snmpwalk feels kinda hands-on like scripting an exploit too.

Ravi L. Feb 17, 2026 2:08 am

I’d say D, saw similar question in a mock test. Using snmpwalk here is just to confirm if the scanner alert is legit.

Adam S. Feb 16, 2026 4:53 pm

Yeah, D here. Running snmpwalk after a scan is just to see if the default SNMP creds actually work, so it's about checking if the scanner alert is real. Pretty standard practice in pentests-correct me if I'm missing anything important.

Ava S. Feb 25, 2026 8:57 pm

Looks like C to me. Running snmpwalk feels like actively trying to exploit SNMP with default creds. I'd think that's scripting an exploit for access, not just validation. Maybe I'm missing something, but that's how I'd read it.

Ava X. Mar 4, 2026 6:21 pm

Its D, the command is validating if the scanner finding is real or a false alarm. Clear scenario.

Be respectful. No spam.

Correct Answer:

Explanation

The penetration testing process typically involves an initial automated scan to identify potential vulnerabilities, followed by manual validation. The command snmpwalk is used to query a device using the Simple Network Management Protocol (SNMP). The vulnerability scanner likely flagged the target (192.168.1.23) for using a default, weak community string ("public"). The tester is now using snmpwalk to manually confirm this finding. If the command successfully retrieves a large amount of system information, it validates the scanner's result as a true positive. If it fails, the finding may be a false positive. This validation step is crucial for ensuring the accuracy of the final report.

Why Incorrect

A. Bypass defensive systems to collect more information.

snmpwalk is a standard network query tool; this command does not inherently include any techniques for bypassing firewalls or intrusion detection systems (IDS).

B. Use an automation tool to perform the attacks.

While snmpwalk can be scripted, its use here is a single, manual command for verification, not part of a larger automated attack framework.

C. Script exploits to gain access to the systems and host.

snmpwalk is an enumeration tool used to gather information. It does not execute exploits or directly grant unauthorized access to the target system.

References

1. National Institute of Standards and Technology (NIST). (2008). Technical Guide to Information Security Testing and Assessment (NIST Special Publication 800-115).

Section 3.3

"Vulnerability Validation

" Page 3-4: This section details the process following initial discovery. It states

"After identifying potential vulnerabilities

security analysts can use a variety of techniques to validate the vulnerability... This process involves manually verifying the vulnerability to confirm that the vulnerability exists and is not a false positive." The use of snmpwalk is a classic example of this manual verification technique for an SNMP-related finding.

2. Baloch

R. (2015). Ethical Hacking and Penetration Testing Guide. CRC Press.

Chapter 6

"Information Gathering

" Section "SNMP Enumeration

" Page 158: This academic textbook describes using tools like snmpwalk specifically for enumerating information from systems with weak SNMP configurations. The context is clearly information gathering and verification of a potential weakness

which aligns with validating a scanner's findings.

3. Net-SNMP Project. (n.d.). snmpwalk [Manual page].

Description Section: The official documentation describes snmpwalk as an application that "uses SNMP GETNEXT requests to query a network entity for a tree of information." This confirms its purpose as a tool for information retrieval

not exploitation or bypassing defenses

thereby supporting the process of validating a potential vulnerability.

Premium Access Includes

FLASH OFFER

avail 10% DISCOUNT on YOUR PURCHASE