CompTIA Study Materials
AWS Study Materials
AWS Certified Developer Associate AWS Certified Developer Associate
AWS Certified Developer Associate DVA-C02
AWS Certified Solutions Architect Associate AWS Certified Solutions Architect Associate
AWS Certified Solutions Architect Associate SAA-C03
AWS Cloud Practitioner AWS Cloud Practitioner
AWS Cloud Practitioner CLF-C02
Microsoft Study Materials
Microsoft Azure Fundamentals Microsoft Azure Fundamentals
Microsoft Azure Fundamentals AZ-900

Free CompTIA PenTest+ PT0-002 Practice Question

As a penetration tester, you are contracted to assess the security of a multinational corporation's internal network. The corporation has multiple interconnected sites and relies heavily on cloud services. Which of the following is the most important initial step to ensure that your testing does not impact systems outside of the agreed scope?

  • Define and discuss a detailed target list with the client, including IP ranges, domains, and specified cloud services that are to be included in the assessment.

  • Assume all interconnected sites are in scope unless otherwise informed by the client in order to conduct a thorough test of the network.

  • Start with an immediate vulnerability assessment of the IP ranges connected to their primary data center to look for potential entry points.

  • Begin testing on the client’s production cloud services to expose as many vulnerabilities as possible regardless of the scope to showcase due diligence.

This question is for objective:
Planning and Scoping
Your Score:
Planning and Scoping
Information Gathering and Vulnerability Scanning
Attacks and Exploits
Reporting and Communication
Tools and Code Analysis