CompTIA Study Materials
AWS Study Materials
AWS Certified Developer Associate AWS Certified Developer Associate
AWS Certified Developer Associate DVA-C02
AWS Certified Solutions Architect Associate AWS Certified Solutions Architect Associate
AWS Certified Solutions Architect Associate SAA-C03
AWS Cloud Practitioner AWS Cloud Practitioner
AWS Cloud Practitioner CLF-C02
Microsoft Study Materials
Microsoft Azure Fundamentals Microsoft Azure Fundamentals
Microsoft Azure Fundamentals AZ-900

Free CompTIA PenTest+ PT0-002 Practice Question

When conducting a penetration test, you are to evaluate the security posture of both the public-facing (external) applications and the internal network infrastructure of an organization. Assuming that all legal permissions and access rights are in place, which approach would BEST align with the penetration testing strategy to comprehensively assess the security of both external and internal targets within the confines of the test scope?

  • A combination of network-based tests for the internal infrastructure and application-based tests for the public-facing applications

  • Exclusive external testing of the perimeter networks and public IP addresses

  • Full knowledge testing using source code analysis and network sniffing for both external and internal targets

  • Purely passive reconnaissance of both external and internal assets

This question is for objective:
Planning and Scoping
Your Score:
Planning and Scoping
Information Gathering and Vulnerability Scanning
Attacks and Exploits
Reporting and Communication
Tools and Code Analysis