CompTIA PenTest+ PT0-002 Practice Question

A penetration testing team is contracted to assess the security of an organization's web application. The scope of engagement explicitly states that social engineering attacks are not allowed. During the reconnaissance phase, which of the following activities should the penetration testers avoid to comply with the engagement rules?

  • Conduct a Cross-Site Request Forgery (CSRF) attack to test for anti-CSRF token implementation.

  • Execute a Cross-Site Scripting (XSS) attack to test for output encoding and input validation measures.

  • Scan the application's login page for SQL injection vulnerabilities.

  • Perform phishing attempts to gauge the organization's employee awareness and resilience to such attacks.

CompTIA PenTest+ PT0-002
Planning and Scoping