Crucial Exams

CompTIA PenTest+ PT0-002 Practice Question

A penetration tester is conducting an assessment against a web application and has observed that session tokens are not rotated after login. Which type of attack could the penetration tester employ to take advantage of this vulnerability?

  • Cross-site scripting (XSS)

  • Cross-site request forgery (CSRF)

  • Session fixation

  • Session replay

CompTIA PenTest+ PT0-002
Attacks and Exploits
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
SAVE $49
CompTIA PenTest+ Voucher (PT0-002)
$404.00 $355.00
Bash, the Crucial Exams Chat Bot
AI Bot