Free CompTIA PenTest+ PT0-002 Practice Question

During a penetration test, you identify an application vulnerability that could be exploited using a specific tool. However, the tool is known to sometimes cause service disruptions. The rules of engagement given by the client strictly forbids any actions that could lead to denial of service. What is the most appropriate course of action?

  • Proceed with using the tool without informing the client, since identifying vulnerabilities is a higher priority.

  • Discuss the potential use of the tool with the client to obtain explicit permission or alternative instructions.

  • Use the tool during off-peak hours to minimize the risk of causing a denial of service.

  • Use the tool but monitor the application closely and stop the test if any disruptions are detected.

This question's topic:
CompTIA PenTest+ PT0-002 / 
Planning and Scoping
Your Score:

Check or uncheck an objective to set which questions you will receive.