🎖️🏵️ Memorial Weekend Sale — 30% off🏵️🎖️

1 day, 15 hours remaining!
CompTIA Study Materials
AWS Study Materials
AWS Certified Developer Associate AWS Certified Developer Associate
AWS Certified Developer Associate DVA-C02
AWS Certified Solutions Architect Associate AWS Certified Solutions Architect Associate
AWS Certified Solutions Architect Associate SAA-C03
AWS Cloud Practitioner AWS Cloud Practitioner
AWS Cloud Practitioner CLF-C02
Microsoft Study Materials
Microsoft Azure Fundamentals Microsoft Azure Fundamentals
Microsoft Azure Fundamentals AZ-900

Free CompTIA PenTest+ PT0-002 Practice Question

You have been engaged to conduct a penetration test on a web application hosted in the European Union. This application processes payment transactions and handles personal user data. Ensuring that your testing methodology is compliant with all relevant legal frameworks, what is the BEST course of action to take during the planning phase?

  • Recommend that the application should be moved to a data center in another region with less restrictive data protection laws to simplify testing procedures.

  • Proceed with the penetration test by targeting common vulnerabilities, prioritizing the discovery of security issues over adherence to specific legal requirements.

  • Identify all regulatory frameworks pertinent to the processing of financial transactions and personal data within the application's jurisdiction to define compliant testing strategies.

  • Limit the scope of the penetration test to only manual techniques on the premise that automated testing could infringe on data protection policies.

This question is for objective:
Planning and Scoping
Your Score:
Planning and Scoping
Information Gathering and Vulnerability Scanning
Attacks and Exploits
Reporting and Communication
Tools and Code Analysis