PT0-002 Domain 2: Attacks and Exploits

While troubleshooting latency, engineers determine they must validate SQL injection risk. Which action is appropriate?

Multiple choice — select one answer

Answer choices

  1. a. Parameterized queries and input validation
  2. b. Password spraying with lockout awareness
  3. c. Test with approved wordlists and limits
  4. d. Review parsers and object injection points

Architectural breakdown & explanation

Parameterization mitigates SQLi.

Correct answer(s): a. Parameterized queries and input validation

Exam domain: Domain 2: Attacks and Exploits (45% weight on the official guide).

Official documentation & study links

Practice this certification

This page is one question from the CompTIA PenTest+ bank. Run a full timed practice exam with domain-weighted random questions in your browser.