During an assessment, a penetration tester was able to access the organization's wireless network from outside of the building using a laptop running Aircrack-ng. Which of the following should be recommended to the client to remediate this issue?
Answer: B
Directional antennas can limit the signal range to reduce unauthorized access from outside the building. Other options, such as WEP, are outdated and insecure, and stopping SSID broadcast does not prevent network access. This aligns with CompTIA PenTest+ objectives under wireless security and hardening techniques.
Which of the following tools is commonly used for network scanning and enumeration during a penetration test?
Answer: D
Nmap is widely used for network scanning and enumeration. It identifies open ports, services, and vulnerabilities on a network. This directly relates to CompTIA PenTest+ objectives on scanning and enumeration methodologies.
A client evaluating a penetration testing company requests examples of its work. Which of the following represents the best course of action for the penetration testers?
Answer: C
Sharing reports that are no longer under a confidentiality agreement ensures compliance with legal and ethical obligations while satisfying the client's request. This aligns with CompTIA PenTest+ objectives under legal and ethical considerations for penetration testers.
Which of the following documents best ensures an external consulting firm that is hired to perform a penetration test understands and complies with the customer's security policies and procedures?
Answer: A
The Rules of Engagement (ROE) document specifies the scope, boundaries, and procedures of a penetration test, ensuring alignment with the client's security policies. This relates to CompTIA PenTest+ objectives on pre-engagement and scoping activities.
Which of the following describes why scoping and organizational requirements are important when planning a penetration test?
Answer: B
Scoping defines the penetration test's boundaries and objectives, ensuring alignment with the client's needs and expectations. This is a key step in pre-engagement activities, as outlined in the CompTIA PenTest+ objectives.