ExamCollection – Page 140 – ExamCollection – #1 Free Source of IT Certification Exams Questions

CompTIA Pentest+ PT0-002 – Section 4: Passive Reconnaissance Part 4

30. DNS Information (OBJ 2.1) There is a lot of information you can gather from the domain name system. Now, we’re going to talk about each of the different record types that we have inside of DNS and the purpose of DNS, but we’re not going to do a really deep, deep dive here because… Read More »

CompTIA Pentest+ PT0-002 – Section 4: Passive Reconnaissance Part 3

28. OSINT Tools (OBJ 2.1) Open-source intelligence tools are used during the reconnaissance phase to find actionable intelligence from various publicly available sources. This intelligence can help the penetration tester to be more precise and targeted in their attack development and future exploits during their engagement. because OSINT is publicly available. You’re not going to… Read More »

CompTIA Pentest+ PT0-002 – Section 4: Passive Reconnaissance Part 2

26. Open-Source Intelligence (OSINT) (OBJ 2.1) There is a lot of great information available online for free that can help you understand how a business or organization is operating. This information is just sitting out there waiting for you to find it. This information is considered open source in the world of information and intelligence… Read More »

CompTIA Pentest+ PT0-002 – Section 4: Passive Reconnaissance Part 1

24. Passive Reconnaissance (OBJ 2.1) In this section of the course, we’re going to discuss Passive Reconnaissance. As we move from our planning and scoping phase of our penetration test, we find ourselves in the second stage of the engagement, Information Gathering and Vulnerability Scanning. During this stage, we’re going to be focused on conducting… Read More »

CompTIA Pentest+ PT0-002 – Section 3: Scooping an Engagement Part 5

22. Limitations and Permission (OBJ 1.1 and OBJ 1.3) During your penetration test, you may also find a lot of confidential information about the target organization. Remember, it is your responsibility to safeguard this information, and if you’re able to access an area of their network you think you shouldn’t be in, it’s important to… Read More »

CompTIA Pentest+ PT0-002 – Section 3: Scooping an Engagement Part 4

20. Assessment Types (OBJ 1.2) There are many different types of penetration tests and assessments, including goals-based, objectives-based, compliance-based, premerger, supply chain and red team assessments. A goals-based assessment is designed with a specific goal in mind. In this case, the penetration tester may attempt to define as many unique ways as possible to achieve… Read More »

CompTIA Pentest+ PT0-002 – Section 3: Scooping an Engagement Part 3

18. Identifying Restrictions (OBJ 1.2) Every organization has a different risk tolerance threshold. This risk tolerance threshold will become a big point of contention during the planning of the timing, the tempo, and the scope of your engagement. If the organization is quite risk averse, you’re going to need to be extra careful not to… Read More »

CompTIA Pentest+ PT0-002 – Section 3: Scooping an Engagement Part 2

16. Adversary Emulation (OBJ 1.2) When you’re conducting an engagement, sometimes you might be asked to perform adversary emulation. Now, adversary emulation is a specialized type of penetration testing where you’re trying to mimic the tactics, techniques and procedures of a real-world threat actor during your penetration test. For example, maybe you’re conducting a penetration… Read More »

CompTIA Pentest+ PT0-002 – Section 3: Scooping an Engagement Part 1

14. Scoping an Engagement (OBJ 1.1, 1.2, and 1.3) In this section of the course we’re going to cover the various considerations that you need to think of when scoping an engagement. Now, when we use the term scope in the world of penetration testing, we’re referring to the combined objectives and requirements needed to… Read More »

CompTIA Pentest+ PT0-002 – Section 2: Planning an Engagement Part 5

12. Regulatory Compliance (OBJ 1.1) When working as a penetration tester, you need to be familiar with a wide range of basic laws and regulations, especially for performing a compliance-based assessment. There are numerous laws and regulations that organizations may be subject to. And it’s our job to help test or prove their compliance with… Read More »