CompTIA PenTest+ PT0-002 Practice Question
You are planning a penetration testing engagement for an organization that is very concerned about potential service disruptions. While reviewing the established rules of engagement, you note a specific condition that prohibits any tests that could result in denial of service. Which of the following tests should you exclude from your testing plan to comply with the client's requirement?
Attempting cross-site scripting (XSS) in various input fields of the client's website
Sending large volumes of traffic to test for Denial of Service (DoS) vulnerabilities
Testing for SQL injection vulnerabilities in web applications
Performing directory traversal attacks to assess system file access controls