Free CompTIA PenTest+ PT0-002 Practice Question

As a penetration tester, you are authorized to test an application's API that employs scoped access tokens. When you request a token from the authorization server specifying a particular scope, you receive a token with broader privileges than expected. What should your next course of action be to ethically continue the test according to the rules of engagement?

  • Use the broader scoped token to test additional functionalities since it will provide a more comprehensive security assessment.

  • Inform the client and request a token with the correct scope.

  • Manually adjust the scope in the token to match the intended permissions and proceed with testing.

  • Continue testing using the received token but avoid accessing the functionalities that are outside the initial scope.

This question is for objective: Information Gathering and Vulnerability Scanning