PT0-002 Domain 2: Attacks and Exploits

The DevOps team is automating releases and must test LDAP injection paths. Which design fits best?

Multiple choice — select one answer

Answer choices

  1. a. Test with approved wordlists and limits
  2. b. Parameterized queries and input validation
  3. c. Verify bucket/blob ACLs and policies
  4. d. Validate input sanitization on directory queries

Architectural breakdown & explanation

LDAPi can bypass authentication.

Correct answer(s): d. Validate input sanitization on directory queries

Exam domain: Domain 2: Attacks and Exploits (45% weight on the official guide).

Official documentation & study links

Practice this certification

This page is one question from the CompTIA PenTest+ bank. Run a full timed practice exam with domain-weighted random questions in your browser.