PT0-002 Domain 2: Attacks and Exploits

After a design review, leadership requires the team to perform phishing simulation. Which approach is MOST reliable?

Multiple choice — select one answer

Answer choices

  1. a. Approved templates and metrics
  2. b. Test reflected and stored XSS with safe payloads
  3. c. Parameterized queries and input validation
  4. d. Validate local and domain privilege boundaries

Architectural breakdown & explanation

Simulations measure awareness.

Correct answer(s): a. Approved templates and metrics

Exam domain: Domain 2: Attacks and Exploits (45% weight on the official guide).

Official documentation & study links

Practice this certification

This page is one question from the CompTIA PenTest+ bank. Run a full timed practice exam with domain-weighted random questions in your browser.