PT0-002 Domain 2: Attacks and Exploits

Two designs were proposed. Design A would perform privilege escalation checks. Design B would assess default credentials on appliances. The team must pick the approach aligned with vendor best practices. Which choice is correct?

Multiple choice — select one answer

Answer choices

  1. a. Test reflected and stored XSS with safe payloads
  2. b. Check vendor default accounts are changed
  3. c. Validate local and domain privilege boundaries
  4. d. OSINT and scoped port discovery

Architectural breakdown & explanation

Escalation paths are high impact. Compare with Check vendor default accounts are changed: Defaults are common in appliances.

Correct answer(s): c. Validate local and domain privilege boundaries

Exam domain: Domain 2: Attacks and Exploits (45% weight on the official guide).

Official documentation & study links

Practice this certification

This page is one question from the CompTIA PenTest+ bank. Run a full timed practice exam with domain-weighted random questions in your browser.