PT0-002 Domain 2: Attacks and Exploits

A company needs to enumerate external attack surface. Which option meets the requirement with the LEAST implementation effort?

Multiple choice — select one answer

Answer choices

  1. a. Broken object level authorization checks
  2. b. Validate guest vs corporate isolation
  3. c. OSINT and scoped port discovery
  4. d. Check vendor default accounts are changed

Architectural breakdown & explanation

Enumeration informs prioritization.

Correct answer(s): c. OSINT and scoped port discovery

Exam domain: Domain 2: Attacks and Exploits (45% weight on the official guide).

Official documentation & study links

Practice this certification

This page is one question from the CompTIA PenTest+ bank. Run a full timed practice exam with domain-weighted random questions in your browser.