PT0-002 Domain 2: Attacks and Exploits

During peak traffic, the platform team must test for weak password policies. What should they do FIRST?

Multiple choice — select one answer

Answer choices

  1. a. Parameterized queries and input validation
  2. b. Password spraying with lockout awareness
  3. c. Validate guest vs corporate isolation
  4. d. Validate input sanitization on directory queries

Architectural breakdown & explanation

Testing reveals auth weaknesses.

Correct answer(s): b. Password spraying with lockout awareness

Exam domain: Domain 2: Attacks and Exploits (45% weight on the official guide).

Official documentation & study links

Practice this certification

This page is one question from the CompTIA PenTest+ bank. Run a full timed practice exam with domain-weighted random questions in your browser.