PT0-002 Domain 2: Attacks and Exploits

Two designs were proposed. Design A would assess default credentials on appliances. Design B would test LDAP injection paths. The team must pick the approach aligned with vendor best practices. Which choice is correct?

Multiple choice — select one answer

Answer choices

  1. a. Validate guest vs corporate isolation
  2. b. Parameterized queries and input validation
  3. c. Validate input sanitization on directory queries
  4. d. Check vendor default accounts are changed

Architectural breakdown & explanation

Defaults are common in appliances. Compare with Validate input sanitization on directory queries: LDAPi can bypass authentication.

Correct answer(s): d. Check vendor default accounts are changed

Exam domain: Domain 2: Attacks and Exploits (45% weight on the official guide).

Official documentation & study links

Practice this certification

This page is one question from the CompTIA PenTest+ bank. Run a full timed practice exam with domain-weighted random questions in your browser.